SPX encryption in legacy Mode?

Hi Dirk,

There is no "Add SMTP Policy" option in Legacy Mode. You must use "SMTP spam scan".
1) You need to define the SPX template (Emali / Encryption / SPX template / Add), then
2) Set the SPX configuration with the defined SPX template, SPX portal, then
3) Add the email policy "SMTP spam scan" to name it, specify the senders and recipients, and most importantly,
specify the key in Message header / Subject, e.g. "!! SPX !! __", set the "accept" action and the previously defined SPX template .

Now in sent emails, the subject should be given: !! SPX !! __ [secure: <pass>] <normal subject>

Password (without <>) should be long enough, minimum 8 characters.

Regards
Jan

Hi Jan,

Could you please be more specific on how to do it?

You could PM me if you want.

I am wondering what should be the SPX portal?

Also I am testing with different policies but without any success.

Thanks in advance!

Hi,

In addition to what I wrote earlier, the configuration screens below. In the SPX Portal section, enter the IP address of the WAN interface accessible from the Internet..

Regards
Jan

Hi Jan

Thank you very much for the screenshots!

My config is identical but...it is NOT working :(

Somewhere somehow something along the road is not working.(I tought it will be simple)

Interesting is that in my organization we are using Exchange. I ma using XG135 in bridge mode(1 IP LAN to WAN).

In our client(last week I installed XG310) is using Kerio mail server.

Any other advice or suggestion?

Your help is HIGHLY appreciated! Thanks again!

P.S: maybe I am not writing description correctly or matching headers error?(I suspect it).

I have tried everything like "!! SPX !! _ [secure: pass]" and different combinations with spaces or not.

Hi Jan,

I am 100% sure I am missing something.

Is there some prerequisites for this?

Hi,

If it is Exchange / Outlook, the e-mail sender's domain should be entered into the group authorized for SPX encryption.
I have a slightly different situation, I have a mail server (GroupWise) in the local network and he sends emails, his IP is entered in the SPX group.
To check how it works, see the XG email logs to see if there are Email subject records: ***** Non-requested subject.

Regards
Jan

In addition - there should be a rule of firewall (Business Application Rule) LAN to WAN which scans outgoing mail (SMTP, SMTPS). Do you have one ?

Regards
Jan

Hello Jan, please take a look at all config.

Now i want to point out that email protection is not working at all:

Rules are working and scaning but mail policies not. I just have reports for email but everything is allowed!

It seems I cannot turn on email protection! XG in bridge mode just passing emails through.....any direction. :(

PLEASE HELP!

Any advice is high appreciated!

Hello Jan, please take a look at all config.

Now i want to point out that email protection is not working at all:

Rules are working and scaning but mail policies not. I just have reports for email but everything is allowed!

It seems I cannot turn on email protection! XG in bridge mode just passing emails through.....any direction. :(

PLEASE HELP!

Any advice is high appreciated!

Hi Kaloian,

So far, I haven't had the opportunity to configure XG in bridge mode, all my XG are in gateway mode.
Documentation shows that mail scanning should work in bridge mode, so SPX should also (I hope).

For XG to work with mail and SPX scanning in Legacy mode it should be:
1) Current, activated "Email Protection" license,
2) Firewall Business Application Rule LAN to WAN "Email Clients (POP & IMAP)" with scanning of all email protocols enabled,
3) Defined Email Policy for SPX (as I wrote earlier).

From the screens you have attached:
As you wrote before, you only have external mail servers, so all you need is the LAN to WAN rule
You do not have a SMTP rule to scan SPX.
I have as below:

Regards
Jan