This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mail server transmits messages from WAN without authentication

Hi

I have a mail test environment here where a Sophos XG is configured as MTA (Mail Transfer Agent). In the relay settings, two internal mail servers are configured as "Allow" and "Block" is defined as any. Since the Sophos should be able to receive mails from outside, "Any" is allowed as the upstream host. "Authenticated Relay" is not activated.

This configuration seems to work in principle, but anyone on the WAN side can configure Sophos as a mail server, and then transfer emails to the internal mail servers on behalf of the domains defined in "Domains and routing target / Protected Domains" without authentication. The only condition is that the sender and recipient domains are entered in "Domains and routing target / Protected Domains".
Even activating the "Authenticated Relay" does not change this behaviour.

Is there anything I can do to prevent this?



This thread was automatically locked due to age.
Parents Reply Children