Device Configuration : Protect : Email : Relay Settings
Relay Settings
Sophos Central Firewall Manager can be used to configure Sophos XG Firewall device(s) to act as Email relay which allows specific hosts to relay (i.e., send) emails through it to specified domains.
* This feature is applicable only on Sophos XG Firewall device(s) where MTA Mode is enabled.
Outbound Relay Settings
Allow Relay from Hosts/Networks
Select the hosts/networks which can use Sophos XG Firewall device(s) as an Email relay. You can use Create New link to create a new host.
It is extremely important not to select Any in Allowed Hosts/Networks, because this would result in an open relay, allowing anyone on the Internet to send messages through Sophos XG Firewall device(s). Spammers will quickly recognize this, leading to massive email traffic. In the worst case, you will be listed on 3rd party spammer blacklists. In most configurations, the only hosts that should be allowed to relay emails are the mail servers in your network.
Block Relay from Hosts/Networks
Specify the hosts/networks whose outbound Emails should be blocked by Sophos XG Firewall device(s). You can use Create New link to create a new host.
Inbound Relay Settings
Allow Relay from Hosts/Networks
Specify the upstream hosts/networks from where you want to allow inbound Emails, typically your ISP or external MX. You can use Create New link to create a new host.
Block Relay from Hosts/Networks
Specify the hosts/networks whose inbound Emails should be blocked by Sophos XG Firewall device(s). You can use Create New link to create a new host.
Authenticated Relay Settings
Enable Authenticated Relay
Enable to allow the authenticated users or groups selected below to use Sophos XG Firewall device(s) as Email Relay.
Users or Groups
Select the users or groups to be allowed to use Sophos XG Firewall device(s) as Email Relay. You can use the Create New link to create a new user or group.
Apply
Click to save the configuration.
Relay and Routing Scenarios
The table below explains the scenarios in which Sophos XG Firewall device applies routing, inbound relay or outbound relay on an Email.
Sender Domain
Recipient Domain
Routing (Static or MX)
Outbound Relay
Inbound Relay
Known
Known
Yes
NA
NA
Known
Unknown
NA
Yes
NA
Unknown
Known
Yes
NA
Yes
Unknown
Unknown
NA
Yes
NA