Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
Hello:
I have some listings of the differences between MTA and legacy but does any one have a definitive list of what is lost in using legacy versus MTA? So far I have seen:
MTA
- provides a spooler should the mail server become unavailable
- does some extra SPAM checks (which ones?)
Legacy
- transparently sits between outside and inside
Can anyone fill in the blanks for me on this? I inquired with Sophos and they have no official documentation on the differences between the two modes which is a failing in my mind.
Thanks!
Hello Cameron Robitaille,
The MTA acts as a forwarder, performing some checks on RBL from Sophos or from third parties, Greylist, Malware Scanning. In this mode, no firewall rule is required.
In Legacy mode, there is the possibility of creating Whitelist / Blacklist rules of origin and destination (in MTA mode this is not possible), malware scanning, and you must create Firewall rule so that the emails are forwarded to the servers.
Good for me these are the main observations on the modes of operation of email in sophos xg. Unfortunately, when choosing a mode, we give up some functionality.
Best Regards,
Please check out the XG online help guide for information regarding these two modes.
As well, please reference the pocket guides available for MTA mode and Legacy mode.
Regards,
FloSupport | Community Support Engineer
The big one for us was that Legacy doesn't have the daily spam digest email where users can click a link in a report and instantly release their quarantined email. MTA is a proper anti-spam solution not just a mail proxy. Where-as legacy is just a glorified NAT rule passing everything to exchange.