This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SNAT rule ignored.

I have the following system:

  1. Sophos XG Home SFVH (SFOS 19.5.2 MR-2-Build624) configured in MTA mode.
  2. One mail server
  3. Some E-mail Account hosted on Cloud Public Server

The problem is that SMTP out mail doesn’t engage Nat rule. See imagebelow
Sending and receiving mail via Mail server works fine.
Receiving Pop3 and Imap mail work fine

The snat rule is below

I suppose the solution is from : https://support.sophos.com/support/s/article/KB-000038662?language=en_US  at point
8. SNAT policy not applied for mails forwarded to mail server hosted on cloud

  • By default, the firewall policy is applied only for outbound mails.
  • The firewall policy does not get applied on inbound emails received from the internet and are expected to be delivered to mail servers hosted on the cloud like O365 and G-suite. So the SNAT policy is not applied to those emails.
  • To apply a firewall policy for all traffic, update disable_offline_relateto ‘no’ in the file /static/proxy/smtp/scanner.conf and restart the SMTPd service.
    • disable_offline_relate = no

The questions are:

Is my supposition correct?

How can be disable_offline_relate changed?
I don’t have found any suggestion in https://doc.sophos.com/nsg/sophos-firewall/18.5/help/en-us/webhelp/onlinehelp/CommandLineHelp/ConsoleAccess/index.html



This thread was automatically locked due to age.