Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 25 subscribers
  • Views 1858 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

E-Mail Stuck as Failed in MailSpool

CreateShare

Hi,

After changing the mode to MTA, many of our e-mails are stuck in Mailspool and showing failed with the message "R=default_mx_router T=remote_smtp defer (-53): retry time out reached for any host for 'domain name'".

Is there a solution to this problem or we need to change it back to legacy mode?

Secondly, is Sandstorrm option the only difference between legacy and MTA mode?

Thanks.



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thanks for reaching out, and welcome to the Sophos Community! 

    Please check out the MTA configuration on your firewall as per the following documents: 

    In your case, check if there's a default SMTP/SMTP scan rule that is turned on. Also, do you have multiple WAN interfaces or just one? 

    Legacy Mode: 

    In Legacy Mode, SF acts as a transparent proxy that scans emails for malware and spam, applies SPX Encryption and Data Protection. Refer to the following guides to see how SF can be configured to scan email traffic in Legacy Mode:

    MTA Mode:

    In MTA Mode, SF acts as a Mail Transfer Agent. A Mail Transfer Agent (MTA) is a service responsible for receiving and routing emails to their specified destinations.
    Deploy SF in MTA Mode when you want it to perform actual routing of emails compared to Legacy Mode, where SF only forwards the email traffic as a proxy.
    In MTA Mode, SF performs the following functions:

    • Performs relaying and routing of emails. You can configure relaying of emails from Email > Relay Settings.
    • Protects multiple Email Servers using SMTP Policies. From Email > Policies > SMTP Policies, you define the kind of protection you want to apply on each of your Email Domains.
    • Displays email messages that are either waiting or failed to be delivered in the Email > Mail Spool.
    • Displays logs for all the emails processed by the Device from Email > Mail Logs.

    Reference: Sophos Email Help

    Thanks,

Reply
  • FormerMember
    0 FormerMember

    Hi ,

    Thanks for reaching out, and welcome to the Sophos Community! 

    Please check out the MTA configuration on your firewall as per the following documents: 

    In your case, check if there's a default SMTP/SMTP scan rule that is turned on. Also, do you have multiple WAN interfaces or just one? 

    Legacy Mode: 

    In Legacy Mode, SF acts as a transparent proxy that scans emails for malware and spam, applies SPX Encryption and Data Protection. Refer to the following guides to see how SF can be configured to scan email traffic in Legacy Mode:

    MTA Mode:

    In MTA Mode, SF acts as a Mail Transfer Agent. A Mail Transfer Agent (MTA) is a service responsible for receiving and routing emails to their specified destinations.
    Deploy SF in MTA Mode when you want it to perform actual routing of emails compared to Legacy Mode, where SF only forwards the email traffic as a proxy.
    In MTA Mode, SF performs the following functions:

    • Performs relaying and routing of emails. You can configure relaying of emails from Email > Relay Settings.
    • Protects multiple Email Servers using SMTP Policies. From Email > Policies > SMTP Policies, you define the kind of protection you want to apply on each of your Email Domains.
    • Displays email messages that are either waiting or failed to be delivered in the Email > Mail Spool.
    • Displays logs for all the emails processed by the Device from Email > Mail Logs.

    Reference: Sophos Email Help

    Thanks,

Children