This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM Office 365 Mailflow

Hello,

We have a UTM in use. Incoming mails reach us without any problem. Outgoing mails are partially rejected. The error message appears. "SMTP error from remote mail server after end of data: 554 5.4.14 Hop count exceeded - possible mail loop ATTR1".

What is the reason for this and how can I possibly solve this problem?

Thanks a lot!

Regards Leon



This thread was automatically locked due to age.
Parents
  • Sophos UTM does not officially support O365 in a secure manner. As you have to use a host based relay (Based on IP), O365 offers a commonly used IP. There is no check, that those emails are from your Account. O365 does not support authentication relay either. Therefore the implementation is insecure and most likely not smart (Combining a on premise solution with a cloud based solution seems odd to me). 

    __________________________________________________________________________________________________________________

Reply
  • Sophos UTM does not officially support O365 in a secure manner. As you have to use a host based relay (Based on IP), O365 offers a commonly used IP. There is no check, that those emails are from your Account. O365 does not support authentication relay either. Therefore the implementation is insecure and most likely not smart (Combining a on premise solution with a cloud based solution seems odd to me). 

    __________________________________________________________________________________________________________________

Children
  • Thank you for your answer.

    The customer has removed the old local exchange server and is now using the Office 365 cloud solution. The customer is aware that this is not the most secure solution but does not want to change it. At the moment there is a host-based relay entry with the Office 365 IP addresses. Nevertheless, there are frequent mails that are rejected due to a mail-loop. Do any other settings need to be made on the UTM?

    Thank You!

  • I can only recommend to switch to Central Email for a integration. 

    __________________________________________________________________________________________________________________

  • Agreed with Toni - none of my clients uses outbound SMTP Proxy with O365.  I would also suggest Sophos Phish Threat to help your colleagues learn to avoid falling prey to phishing attempts.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA