Hello,
I need support with configuring mail traffic (SMTP) from external via noSpamProxy (DMZ) to the internal Exchange (LAN) and back again.
I have largely followed the Sophos instructions "Protect internal mail server in legacy mode" (https://docs.sophos.com/nsg/sophos-firewall/20.0/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/HowToArticles/EmailProtectInternalMailServerLegacyMode/index.html) but the mail flow doesn't really work - sometimes mails arrive from external sources, sometimes not... (e.g. when I have recreated the firewall and NAT rules). The same goes for mails from internal to external sources - it works like a bag of fleas - completely uncontrolled.
The following configuration:
WAN: Public IP
DMZ: noSpamProxy (10.0.1.10)
LAN: Exchange (192.168.200.15)
My settings on the Sophos XGS (20.0.2 MR-2 Build 378) are as follows:
Firewall rules
Otherwise, the other properties of the firewall rules remain unaffected; in particular, neither DPI nor “Scan SMTP(s)” is activated.
NAT-Rules
Edited TAGs
[edited by: Erick Jan at 12:25 AM (GMT -7) on 30 Sep 2024]