Force mandatory TLS for certain domains not Hosts/Nets (OUTGOING)

Hello Sophos folks,

we are in the process of migrating away from several systems, including a Symantec Messaging Gateway, and replacing them with a Sophos UTM9 SG125.

With the Symantec solution, it was possible to force TLS while sending to a specific domain.

We tried to recreate this setup with our Sophos solution as mail relay, to no avail.

It seems to be possible to force TLS for specific HOSTS/NETs in the SMTP->Advanced section of the machine, but unfortunately not for domains.

This is a major drawback since MX records can change, and adding all MX records for all necessary domains would be a huge pain...

Is there some way, either by modifying the exim configuration or something of the sort, to recreate this functionality?

We saw that there is an option to enforce TLS for incoming mail; we would need this functionality just the other way around.

// EDIT - found something which might help, but I'm unsure about the side effects and also about voiding the warranty of our Sophos box if implemented:

 https://github.com/Exim/exim/wiki/Forcing-TLS-to-and-from-a-specific-domain

Thanks in advance.

Ferit 


