How to I configure Email Protection using MTA Mode in Sophos xg v17

Hey Ramon Cayuela 

Please reference the following pocket guide and KBA's:

Protect Cloud hosted Email Server-MTA Mode

• Sophos XG Firewall: How to configure Email Protection in MTA mode
• Sophos XG Firewall v17: How to configure Smarthost
• Sophos XG Firewall: Office 365 email setup
  • Refer to this KBA for the setup but with your third-party email cloud provider info used.

I'd also advise to inquire with your third-party email provider to confirm the details of their configuration.

Hope this helps, please feel free to reach out if you run into any issues.

Regards,

Hi FloSupport

I followed you information guide but I share with you my configuration because I using outlook can't send email, I receive the following error: Your server does not support the connection encryption type you have specified. Try changing the encryption method. Contact your mail server administrator.

Here I try using Port 25 and 465 and nothing.

These is all my setting, let me know if I have any bad configuration or the issue is with my mail provider. 

Thanks a lot.

Hi Ramon,

Apologies for this inconvenience, the XG (at least for v17.1.3 MR-3 and below) currently only supports the following authentication methods:

• PLAIN
• Digest MD5
• CRAM MD5

Please verify that this is also configured on your mail providers end.

Regards,

Hi Ramon,

Apologies for this inconvenience, the XG (at least for v17.1.3 MR-3 and below) currently only supports the following authentication methods:

• PLAIN
• Digest MD5
• CRAM MD5

Please verify that this is also configured on your mail providers end.

Regards,

I am not quite sure, if this is also true for V17.5 because of the switch to exim.

It is worth to test it! 

https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/sfos-v17-5-early-access/

Feel free to try it with V17.5 Beta!

I have installed in this moment the firmware version SFOS 17.0.6 MR-6, I need upgrade at least to v17.1.3 MR-3 ?? 

Hi Ramon,

LuCar was suggesting that you participate and upgrade to our SFOS v17.5 EAP Beta as it utilizes Exim MTA, which may be able to resolve your authentication compatibility issues (if this is the case).

Hi FloSupport, 

Yesterday we proceeded to upgrade firmware in the sophos of version 17.0.8 MR-8 >> 17.1.3 MR-3 after that 17.5.0 Beta-2 with Support. Looking to resolve some issues of authentication methods that have support in the version 17.5.0 Beta2, but it happened that the router change by default when the upgrade was made. We contacted support to solve the problem and it was not possible, because when the restore was made the utm changed again to version 17.1.3 and it was not maintained in version 17.5 with the settings.

we stayed in version 17.1.3 MR-3

[Post modified to remove personal data of Sophos employees as indicated in accordance with Community Terms of Service and data protection law}