Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 34809 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MTA to Smart Host, has this been implemented in XG yet?

JohnKenny

I use a Smart host for Email, Does Sophos XG support this yet??  if not is there an ETA? This is whats holding up some of my upgrades from UTM.

Thanks

 



This thread was automatically locked due to age.
  • 0 in reply to dma0

    For what it may be worth for others who had a bit of trouble setting this up, I managed to figure our how to get the relay function working. It turns out that it was rather straightforward.

    In UTM9, I had set devices to send e-mail to the UTM IP address. UTM then forwarded the e-mail on to my ISP's SMTP server. When I did that in XG, as far as I can tell what ended up happening is that XG would then attempt to forward to itself, resulting of course in non-delivery. Setting the ISP SMTP server on the device sending the e-mail fixed things. As far as I can tell, XG would intercept the e-mail, scan it, then send it on its merry way to the ISP's SMTP server. 

    The upstream server can be left as <Any> and XG will just send to the server designated on the device.

    Just mentioning in case anyone else was experiencing the same issue.

  • 0 in reply to dma0

    DMA0,

    thanks for sharing your "workaround". XG is missing this feature and they have to implement it. We need the same feature working as UTM9 as you mentioned.

    Thanks again for your idea.

  • 0 in reply to dma0

    dma0 said:

    Setting the ISP SMTP server on the device sending the e-mail fixed things. As far as I can tell, XG would intercept the e-mail, scan it, then send it on its merry way to the ISP's SMTP server.  

    Any updates on this? I'm running SFOS 16.05.7 MR-7 and I cannot find any smarthost setup there. If you're statement is working, please share more details, I cannot see why the XG should scan it, if its not setup as a proxy, but a MTA. Outbound security scanning of emails will not work than.

  • 0 in reply to Bizcocho

    Sorry not sure I fully understand your question. I have no updates as I've been able to get e-mail transmitted through XG from devices on my LAN. If it's of assistance following are the settings I used:

     - in Email - General Settings, I set SMTP Deployment Mode to MTA
    - in Email - Relay Settings, under "Host Based Relay - Allow Relay from Hosts/Networks" I've added "LAN"; under "Upstream Host -  Allow Relay from Hosts/Networks" I've set that to "Any"; and under "Authenticated Relay Settings" I've checked the box to Enable Authenticated Relay and permitted Any User or Group.
     
    That's basically it for XG.
     
    For each device on my LAN that needs to transmit e-mail, I've set the SMTP server on the device to the SMTP server address of my ISP.
     
    This seems to work for me. As far as I can tell, XG does scan outgoing e-mails, though under "General - Advanced SMTP Settings" I did select it to do so. Unfortunately I'm not sure I understand your comments on scanning. All I can say is that with the settings above the logs in XG seem to indicate that outbound e-mail is scanned. 
     
    Hope this might be of some assistance.
     
    Bizcocho said:
    Any updates on this? I'm running SFOS 16.05.7 MR-7 and I cannot find any smarthost setup there. If you're statement is working, please share more details, I cannot see why the XG should scan it, if its not setup as a proxy, but a MTA. Outbound security scanning of emails will not work than.
     
  • 0 in reply to dma0

    dma0,

    on v17, MTA has improved. You can try a test with the beta and see if the feature has been improved.

    Regards