Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMTP Proxy Usage in XG without Email Protection License

So I have a customer moving from a UTM cluster to XG, and when they purchased the new XG, they said they were using Google and Microsoft (O365) for their various email domains, did not need Email protection.  The UTM cluster we are replacing does have the email protection feature licensed.

Now that we are configuring the replacement, I've found that they are using the old UTM as a simple SMTP relay for outbound email  -- with the allowed relay hosts setting controlling who can email out; all other SMTP traffic is denied.  No inbound mail is being scanned, etc. (they have a placeholder non-real domain in the inbound list).

The question I have is, as I've never had this come up... does the XG SMTP Proxy still function completely (minus the AV, Anti-Spam features) without the unit having an Email Protection license?



This thread was automatically locked due to age.
Parents
  • No it does not. MTA (Email Proxy) will not accept mails, if not licensed. So you have to configure your outbound email services to directly talk to the destination and control it via Firewall rules. 

    __________________________________________________________________________________________________________________

  • So, our local Sophos SE checked into this for me, and according to what appears to be a dev, they say it will work as long as scanning is not enabled.... if you want I can DM you the dev's name.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • So, our local Sophos SE checked into this for me, and according to what appears to be a dev, they say it will work as long as scanning is not enabled.... if you want I can DM you the dev's name.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
  • And now my SE said he slightly messed up the question to the Dev.  Lucar is absolutely right (unfortunately, in my situation).

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.