This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can I Bypass The Outbound SMTP Proxy For A Given Destination?

Hi All,

We have signed up for a trial of the Sophos hosted Email Gateway. We currently have an SG 135 (v9.703-3) with a 2016 Exchange server behind it. I'm testing with one of the domains we don't use (domainA.com). Right now, it looks like the UTM is capturing all of the outbound traffic and rerouting it based on the domain names MX record rather than letting it through to the Smart Host. I have 2 Send Connectors setup in Exchange - one for Exchangeto route all internet mail using MX records and one that routes all mail destined to domainB.com to the Sophos smart host for testing. According to the Exchange Transport logs, Exchange looks like it wants to route to the Smart Host correctly. But, I see the message in the SMTP proxy log on the SG get routed directly to the domainB.com mail server and not be sent to the Sophos Central Email Gateway. When I look at the logs on the Email Gateway there appears to be no activity.

The only thing I can think of doing is somehow bypassing the SMTP proxy for traffic destined to the Smart host. Does that sound like the way to go?

Thanks!



This thread was automatically locked due to age.
Parents
  • Hey Dave,

    Sounds like you might be moving away from the UTM, but you might be interested in Basic Exchange setup with SMTP Proxy.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • We might be moving away from the UTM for mail protection. But, until we figure that out, I need to work in hybrid mode, so to speak.

    I've looked over your guide before and have everything set in place apart from the transparent mode being turned off. My main question right now is what will happen to our mail flow when I turn transparent mode off?

  • Why do you think you need Transparent mode at all, Dave?  I only recommend it for specific debugging uses.  I think having it on exposes the organization to getting its IP blacklisted.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Why do you think you need Transparent mode at all, Dave?  I only recommend it for specific debugging uses.  I think having it on exposes the organization to getting its IP blacklisted.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Hey Bob,

    I don't think I need it on. I don't know why it was on in the first place. My concern was with understanding the after-effects of shutting it off now that it is on. I needed to know what was going to fall out of the tree when I shook it ;)

    The good news is I just turned it off a few minutes ago and mail flow appears to be working fine. Time will tell. If everything is OK at the end of the day, I will mark initial answer as correct. Thanks for your help!