Hello
I am setting up XG in MTA mode. It is to replace an SG.
There are local email servers that handles all emails for the domain. There is also a public network that runs through the Sophos.
First I have configured the relay settings to only allow the email servers for host based relay. I have also reconfigured upstream hosts to only allow from a 3rd party mail filtering system.
A SMTP policy is setup for the domain to static route to the email servers.
Device access is set to SMTP Relay allow in LAN and WAN.
Email servers are setup to use the XG as smarthost.
Why do I want the automatic firewall rule it made? As far as I can tell this will allow open SMTP traffic for the public or anywhere else that comes through the Sophos. Everything else like the email servers should be able to relay off the XG with the relay settings above right?
With the above configuration is it safe to delete the rule? I have other rules that define what the Public can do.
This thread was automatically locked due to age.