Example 1: Trusted Upstream Mail Relay

You have an upstream mail relay (5) that accepts email from the internet for a number of domains. This relay distributes email to the mail servers in the regional offices of your organization, including your Sophos Email Appliance. You have configured the appliance to recognize this mail host as a trusted relay. This enables the appliance to provide:

  • correct reputation filtering.
  • better efficiency during spam checks.
  • a higher spam catch rate.
  • improved reporting (mail from their server will not appear on spam reports).

Valid emails , as well as spam messages relayed through your upstream mail relay (5) will be received by the appliance (6). Both will be identified as having been sent from a trusted relay.

This allows the Sophos Email Appliance to correctly identify which relays are the first untrusted relays (1 and 2). Correctly identifying the first untrusted relays enables more accurate reputation and spam checking, and significantly enhances reporting and troubleshooting.

This, in turn, allows the appliance (6) to effectively stop messages from external untrusted relays that are sending unwanted emails (2), while still delivering valid messages to the appropriate mail delivery server (8) that are sent by other external untrusted relays (1).

Mail from other external (untrusted) relays (3 and 4) will continue to be received and correctly processed by the appliance (6). Messages from servers sending unwanted messages (3) will continue to be blocked, and messages from servers sending valid messages (4) will continue to be delivered to the appropriate mail delivery server (8).

A trusted relay is essentially transparent to the appliance. All incoming mail will appear to be coming directly from the internet. This helps ensure that reputation filtering, spam checking, reports, and logging will function accurately and efficiently.

Whenever a mail relay can be trusted to not be a source of spam, you should add it to the trusted relays list. Examples of trusted mail relays include corporate mail gateways, mail servers owned by business partners, or a mail relay managed by your ISP.