General Email Protection Inquiries

Question

Hello, 
 I have a couple of questions regarding Mail Protection, would appreciate some pointers and/or feedback: 
 
 Can I reuse the web filtering CA as the POP3 proxy certificate (instead of creating and deploying a dedicated certificate for the POP3 proxy)? 
 I assume that SMTP protection isn't necessarily needed in my situation, as the internal mail server (behind the UTM) is mainly relaying outgoing email through third-party email providers, but can I force all SMTP traffic from all interfaces to be sent/relayed via the internal mail server? 
 
 Thanks!

BAlfson · Accepted Answer

Hi Andrew and welcome to the UTM Community! 
 
 I doubt it, but I haven't tried it. The default is the "Local X509 Cert" which was created during the installation process - no extra creating and deploying required. 
 The SMTP Proxy can provide antivirus and anti-spam for outbound mail. I assume that you're not talking about inbound emails, rather ones originating on other internal Ethernet segments connected to the UTM. If you just use a firewall rule like '{Mail server} -> SMTP/S -> Internet IPv4 : Allow' and you don't create an SMTP/S Allow rule for anything else, only email sent to the mail server will be allowed. My Basic Exchange setup with SMTP Proxy post might help you if you're going to enable the SMTP Proxy. 
 
 Cheers - Bob