Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 4681 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Relay Email Traffic from Sophos XG to Exchange Online

Brad Clement

Good evening everyone,

I am wondering if something like this is possible with the Sophos XG Firewall.

We are hoping to have a scenario like the following.

MX Record is pointing to IP of Sophos > Sophos XG performs email scanning and protection > email then is forwarded or relayed to Exchange Online.

Biggest reason for wanting to do so is that the current Exchange Online license E3 only provides basic email protection and we already pay for Sophos XG which has better protection regarding spam and a number of other nice features. I understand that we could by pass Sophos XG and go directly to EO but the costs for the advanced email protection are not warranted.

Is the above possible or am I SOL and should go the better Office 365 license route?



This thread was automatically locked due to age.
Parents
  • 0

    Hello Brad,

    Thank you for contacting the Sophos Community.

    Yes, this is possible to achieve, however, your XG is prompt to be an open relay, so this configuration is not recommended.

    You need to do two things:

    1. Is to create in the XG an IP Host for each one of the subnets mentioned in this article, once you have created the IP Hosts, just add them under the Host-Based Relay.

    2.Under SMTP Route & Scan, select Rout By = Static Host, and Create and select the IP addresses used by your Office 365 MX records. (This can also be found by issuing the command nslookup -q=MX <domain> in the command prompt of a workstation.)

    Then configure your Exchange rule online accordingly to Route Email through these smart hosts and enter your Sophos XG Public IP.

    This configuration might cause an open relay security issue, I would recommend you to reach out to your Sales Engineer, if you still decide to go with this configuration.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to emmosophos

    Hello Emmanuel,

    I think the TO asks to receive the external mails at the XG and to forward them to Exchange Online ... looks like you are describing the other direction.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • 0 in reply to emmosophos

    Hello Emmanuel,

    I think the TO asks to receive the external mails at the XG and to forward them to Exchange Online ... looks like you are describing the other direction.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
Unfiltered HTML