
Email Protection auto generated MTA Firewall Rule

Hi, I can't seem to find a clear answer as to why the auto generated MTA firewall rule is needed. As I understand it, in MTA mode emails are being 'handled' by the firewall rather than just traffic passing through it, so access should be controlled by 'Device access' not 'Firewall rules'. To complicate the matter further, the docs state that "By default, firewall rules apply only to outbound mails.".

Auto-creating a wide-open firewall rule that isn't needed seems a strange way to approach security!



Edited TAGs
[edited by: Raphael Alganes at 3:10 PM (GMT -8) on 11 Nov 2024]
  • Essentially we are using the MTA rule to give Exim (the MTA service) a way to communicate through the system.

    This rule is used for allowing the firewall's own email traffic (outbound and inbound).

    You should not delete it, as it might corrupt your email traffic, since the firewall cannot find a rule to allow outgoing / inbound email traffic.

    You can modify the rule if you want to; the core principle is that it should still exist. I have also seen people disable the rule (not delete it) and it is fine.

    Essentially the rule transforms the firewall to perform transparent SMTP scanning as well, by forwarding the traffic (port 25) through the firewall to the MTA.


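The practical worry behind the question is that a permissive port-25 rule is only as safe as the MTA behind it: if the firewall's MTA accepts RCPT TO for domains it is not responsible for, the rule exposes an open relay; if it only accepts its own domains, the rule just lets legitimate inbound mail reach the scanner. The following is an added example (written for this page, not code from Sophos, SFOS, Exim or the poster above) that performs that check from the outside: it drives EHLO / MAIL FROM / RCPT TO and classifies the answer without ever sending DATA, so nothing is queued. `FakeSmtpPeer`, the hostnames `mx.example.test`, `probe.invalid`, `example.org` and `external.example.net`, and the TEST-NET address in the usage note are all constructed for the example so that it runs offline; `probe_host` opens a real connection when you point it at your own firewall.

```python
import re
import socket
from typing import List, Tuple


# --- Constructed in-memory SMTP peer so the example runs offline ----------------
class FakeSmtpPeer:
    """Stand-in for an MTA listening on port 25 (constructed for this example,
    not SFOS or Exim). Accepts RCPT for its own domains and refuses relaying to
    any other domain unless open_relay=True. Duck-types the socket methods the
    probe below uses: sendall / makefile / readline / close."""

    def __init__(self, local_domains: List[str], open_relay: bool = False):
        self.local_domains = {d.lower() for d in local_domains}
        self.open_relay = open_relay
        self.pending = ["220 mx.example.test ESMTP ready\r\n"]  # greeting banner
        self.commands: List[str] = []                            # what the client sent

    def sendall(self, data: bytes) -> None:
        line = data.decode("ascii", "replace").strip()
        self.commands.append(line)
        verb = line.split(" ", 1)[0].upper()
        if verb == "EHLO":
            self.pending.append("250-mx.example.test\r\n")      # multi-line reply
            self.pending.append("250 PIPELINING\r\n")
        elif verb == "MAIL":
            self.pending.append("250 2.1.0 Ok\r\n")
        elif verb == "RCPT":
            m = re.search(r"<[^@>]+@([^>]+)>", line)
            domain = m.group(1).lower() if m else ""
            if self.open_relay or domain in self.local_domains:
                self.pending.append("250 2.1.5 Ok\r\n")
            else:
                self.pending.append("554 5.7.1 Relay access denied\r\n")
        elif verb == "QUIT":
            self.pending.append("221 2.0.0 Bye\r\n")
        else:
            self.pending.append("500 5.5.1 Command unrecognized\r\n")

    def makefile(self, *args, **kwargs):
        return self                      # acts as its own reader

    def readline(self) -> bytes:
        return self.pending.pop(0).encode() if self.pending else b""

    def close(self) -> None:
        pass


# --- The relay probe -------------------------------------------------------------
def read_reply(rfile) -> Tuple[int, str]:
    """Read one SMTP reply, including 'NNN-' continuation lines (RFC 5321 4.2)."""
    lines = []
    while True:
        raw = rfile.readline()
        if not raw:
            raise ConnectionError("peer closed the connection")
        line = raw.decode("utf-8", "replace").rstrip("\r\n")
        lines.append(line)
        if len(line) < 4 or line[3] != "-":   # last line has a space after the code
            break
    return int(lines[-1][:3]), "\n".join(lines)


def send_cmd(conn, rfile, cmd: str) -> Tuple[int, str]:
    conn.sendall((cmd + "\r\n").encode("ascii"))
    return read_reply(rfile)


def relay_probe(conn, rcpt: str, helo: str = "probe.invalid",
                sender: str = "probe@example.org") -> Tuple[str, int]:
    """Drive EHLO / MAIL FROM / RCPT TO and classify the RCPT answer.
    Returns (verdict, smtp_code): 'accepted', 'refused', 'deferred' (4xx,
    e.g. greylisting) or 'no-smtp' (no banner / EHLO rejected).
    DATA is never sent, so no message is actually queued on the MTA."""
    rfile = conn.makefile("rb")
    code, _ = read_reply(rfile)                 # greeting banner
    if code != 220:
        return ("no-smtp", code)
    code, _ = send_cmd(conn, rfile, f"EHLO {helo}")
    if code != 250:
        return ("no-smtp", code)
    send_cmd(conn, rfile, f"MAIL FROM:<{sender}>")
    code, _ = send_cmd(conn, rfile, f"RCPT TO:<{rcpt}>")
    send_cmd(conn, rfile, "QUIT")
    if 200 <= code < 300:
        return ("accepted", code)
    if 500 <= code < 600:
        return ("refused", code)
    return ("deferred", code)


def probe_host(host: str, rcpt: str, port: int = 25, timeout: float = 10.0):
    """Run relay_probe against a real listener, e.g. the firewall's WAN address."""
    with socket.create_connection((host, port), timeout=timeout) as conn:
        return relay_probe(conn, rcpt)
```

Run it twice from a host outside your network, once with a recipient in one of your own domains (should come back `accepted`; that is the inbound mail the rule exists to admit) and once with a recipient in a domain you do not host, e.g. `probe_host("203.0.113.10", "user@external.example.net")` with your own firewall address in place of the hypothetical one. `refused` with a 5xx for the foreign domain is the expected result; `accepted` there means the MTA, not the firewall rule, is the thing to fix. A `deferred` 4xx is inconclusive and worth re-running, since greylisting answers that way regardless of relay policy.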