XGFW blocked local mail server's sending to WAN (RDNS)

Hi Harim,

Could you please share the screenshot of your routing domains from SMTP MTA policy ?

Because,

If you have created the SMTP MTA policy only for domain netspheres.org (domain 1) and not created any policy for sophos.com (domain 2). In your example emails from domain 1 to domain 2 (i.e. outbound emails) XG should not check for missing RDNS. But if you also have added sophos.com (domain 2) as domain in your SMTP policy your example email classified as inbound email and XG validates the DNS PTR record, and could reject the connection.

As mentioned in earlier response on this post, Also you could temporary add your email source (host/domain) in exception for RDNS untill you get rid of it.  

Unknown said:

Is the mailserver using the XG as a Mail Relay (Smarthost) or is it trying to send out direct through the XG?

send out direct through the XG. Not using smarthost.

Unknown said:

Could you please share the screenshot of your routing domains from SMTP MTA policy ?

Maybe not the case.

Hello Harim, 

Thank you for detailed information and appreciate the efforts.

Engineering team has traced this change as the issue. RDNS policy should not checked for outbound emails.  This issue will get fixed in next release.  By the time please use SMTP Exception policy (i.e. create exception policy to skip RDNS checks based on sender domain or the source host IP).

Hello Harim, 

Thank you for detailed information and appreciate the efforts.

Engineering team has traced this change as the issue. RDNS policy should not checked for outbound emails.  This issue will get fixed in next release.  By the time please use SMTP Exception policy (i.e. create exception policy to skip RDNS checks based on sender domain or the source host IP).