Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1503 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mail scan in-/outbound (no local mail server existing)

ChrisGER

hi community,

i am a bit unsure right now whether my current configuration is correct.

My requirements
Scan all mails/Attachments on the XG -> so far it looks good.
 

The running rule



My Challange
The Business rule description "Allows scanning of POP3/IMAP client traffic by Email Scanning Rules".
How to reduce the in-/outbound traffic to two dedicated mail providers.
 
In the article https://community.sophos.com/kb/en-us/123663 is the description "Email Server(SMTP)" and outbound "Email Clients".
 
Is there a document existing, how to configure the XG mail scan wihout Email Server in the DMZ/LAN and limit the access to mailserver (WAN) by useing FQDN groups ?
 
Thx forward
Chris



This thread was automatically locked due to age.
  • 0

    Hi,

    you will need to install the XG CA on all your devices.

    This is part of my mail rule with meets most of your requirements.

    Ian

  • 0 in reply to rfcat_vk

    Hi LAN,

    thanks for the quick response. The certificates are allready existing, but the rule was not realy customized for normal operation with the dedicated mail providers.
     
    I've created a new business rule, based on POP/IMAP Client template and

    Source = LAN
    Destination = WAN (dedicated FQDNs from my Mail provider)

    I send some Mails with attachments from LAN to WAN and back -> looks like working fine [Y]
    All other Mail rules are disabled for intensive testing. If all is OK, the disabled rules will be deleted.


    Thanks again for your quick response
    Chris

     

  • 0 in reply to ChrisGER

    Hi Chris,

    a little bit of extra information. Expect to see strange results in the daily reports regarding email until at least 17.5.6 MR-6.

    Ian