This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IMAP/POP Scans and Relaying

Hello,

In the UTM world I was able to set up the UTM to relay all outbound email through it before going out.

Likewise, I was able to set it up to scan and mark all incoming mail for AV and SPAM and store for release by user via a weekly digest email or from Portal.

In XG, I see the digest option which I configured and test successfully, however when I set up the scan options according to the help:

https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/HowToArticles/EmailConfigurePOPIMAPScan/index.html

My incoming email doesn't make it unless I disable the auto-created MTA rule. I can see this rule as 'accept' in the Log Viewer under Firewall but do not see anything logged under Email => Mail Spool and Mail Log.

With the UTM I could see all email traffic going in/out in similar spool and log screens.

Lastly, am I able to relay all internal email thru XG before sending out? Again, I could do this in UTM.

Can someone tell me what I am missing? Is the XG capable of this functionality like UTM was or will it only handle an internal email server?

Thanks,

Kerry

This thread was automatically locked due to age.

Top Replies

Raphael Alganes over 1 year ago +1 suggested

Hello there, Good day and thanks for reaching out to Sophos Community and hope you are well. May we check if you happen to enable SMTP relay on WAN as per this doc guide: https://docs.sophos.com/nsg…

Parents

0 Raphael Alganes over 1 year ago

Hello there,

Good day and thanks for reaching out to Sophos Community and hope you are well.

May we check if you happen to enable SMTP relay on WAN as per this doc guide: https://docs.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/HowToArticles/EmailConfigureEmailProtectionMTA/index.html#allow-and-protect-inbound-emails

Thanks for your time and patience and thank you for choosing Sophos

Cheers,

Raphael Alganes
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up +1 Vote Down

Cancel
0 BlackSheepOne over 1 year ago in reply to Raphael Alganes

Hello Raphael,

That option was not turned however after I turned it on, still no inbound email or log/spool messages.

The link you provided is for internal email server only, correct? I noticed in my initial post I failed to clarify I do not have an internal mail server. The email I use is from my ISP.

Kerry
Cancel
Vote Up 0 Vote Down

Cancel
0 Raphael Alganes over 1 year ago in reply to BlackSheepOne

Hello there,

Thanks for these information. does the sender receives NDR whenever the FW rule is enabled and recepient did not receive the mail? kindly share if there's any

Kindly check as well smtpd_main.log if it would have any details regarding incoming emails, kindly run this on Advance shell:

tail -f /log/smtpd_main.log

Also, might these be your use case/setup? https://docs.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/HowToArticles/EmailConfigureProtectionCloudMailServerMTA/index.html#cloud-hosted-mail-server-network-diagram

If yes, kindly try to follow the configuration steps and kindly let us know how it goes.

Many thanks for your time and patience and thank you for choosing Sophos

Cheers,

Raphael Alganes
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 BlackSheepOne over 1 year ago in reply to Raphael Alganes

Raphael,

Thanks for the reply.

Sender does not receive anything with FW rule enabled.

tail -f /log/smtpd_main.log displays the following:

21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running

The link you provide appears to be for my own mail server in the cloud as it requires MX record change which I cannot do as it is my ISP's mail server.

I would like to relay any mail from inside my network from the XG firewall to the internet. I also would like to scan for spam and AV any emails coming into my network via the FW first. We use 3 different email services, local ISP, Google and Proton Mail.

Kerry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BlackSheepOne over 1 year ago in reply to Raphael Alganes

Raphael,

Thanks for the reply.

Sender does not receive anything with FW rule enabled.

tail -f /log/smtpd_main.log displays the following:

21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running
21601 1 queue-runner process running

The link you provide appears to be for my own mail server in the cloud as it requires MX record change which I cannot do as it is my ISP's mail server.

I would like to relay any mail from inside my network from the XG firewall to the internet. I also would like to scan for spam and AV any emails coming into my network via the FW first. We use 3 different email services, local ISP, Google and Proton Mail.

Kerry
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data