This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Multiple SMTP smart hosts

I want to send outgoing emails via multiple smart hosts as we subscribe to an email scanning service and they provide two one outbound hosts.

UTM only allows one smart host in the list and it must be a host not a DNS group.

My initial idea was to set up a hostname in my internal DNS that would point to the two outbound hosts, then UTM would use one or the other. However I don't think that will work, for two reasons.

Firstly, I can set up two A records but I'd need to plug in the IP addresses and if they change I'll have to manually change my DNS. (I would use CNAMEs but I can't have multiple CNAMEs with the same hostname.) Therefore this method is not reliable.

Secondly, if one of the outbound hosts is down, I don't think Sophos will retry using the other host anyway - as far as UTM knows, it's a single outbound host, so why do another DNS lookup (which may return the same host anyway) and retry?

The best solution would be if Sophos allowed multiple smart hosts, but until that happens ([sn]) what's my alternative? The best I have come up with is...use one smart host only, which isn't really a solution!



This thread was automatically locked due to age.
Parents
  • You could create an availability group with both smart hosts in it. By default Sophos will use the first available starting from the top. If the first is unavailable it will try the second and so on.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • A great idea, thanks! I have just checked and the outbound hosts don't respond to ping but I'll try a TCP to port 25 and see if that works. It'll have to be out of hours though.

Reply Children
No Data