Email flow to Exchange server stops

Question

Sophos XGS 2300 running 20.0.1 
 Internal exchange server 
 DNAT rule allowing passthru of SMTP traffic to the exchange server. ports 25,465,587. 
 From time to time we stop receiving email. to fix, we reboot the sophos firewall. 
 When it stops working, I try a telnet connection to port 25 on the email server from outside and get no response. 
 This happens maybe once every 6 months, 
 I have another Sophos XGS126 20.0.1 running in MTA-Mode. This has done the same requiring a reboot. 
 The fact it will work fine for several months before data flow stops would suggest the Sophos rules are setup correctly. 
 Ideas?

Mayur Makvana · Answer

Hello, 
 Thank you for contacting Sophos Community! 
 For Legacy mode, we request you to have awarrensmtp service in debug and share us the logs when an issue occurs. 
 Use the below KBA to know service and associated log file. 
 https://docs.sophos.com/nsg/sophos-firewall/19.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/ServicesAndPorts/DefaultAddressesAndPorts/index.html ) 
 Login to the Firewall CLI, go to option number 5 & 3. Use the below command to add the service in debug. 
 #service awarrensmtp:debug -ds nosync (Use the same command to disable the debug after collecting the below logs). 
 #tail -f /log/awarrensmtp.log 
 For MTA mode, kindly review below KBA: 
 https://support.sophos.com/support/s/article/KB-000038662?language=en_US 
 We also advice opening service request as the issue occurs intermittently and hence the team can help you add the services in debug and also can help with how to collect the rotating logs.