Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Notification settings

Configure a mail server and email settings to send and receive alert emails.

Introduction

You can configure email notifications for system-generated events and reports. You can use either the built-in mail server or an external mail server.

Set up built-in email server

To use the built-in email server to send notifications, do as follows:

  1. Click Administration > Notification settings.
  2. Turn on Built-in email server.
  3. Configure your email settings.

Set up an external mail server

To use an external mail server to send notifications, do as follows:

  1. Click Administration > Notification settings.
  2. Turn on External email server.
  3. Specify the mail server IPv4 address or FQDN and the port number. Default port: 25.
  4. Turn on Authentication required to authenticate the user before sending an email.
    1. Specify Username and Password.
  5. Choose the Connection security mode to use between the SMTP client and the server. The certificate used by Sophos Firewall depends on the email mode and connection security mode.

    Option Description
    None Sends notifications in plain text.
    STARTTLS Follows the mail server’s security preference. If the mail server responds with STARTTLS, a secure (SSL/TLS) connection is established. If the mail server responds with none, notifications are sent in plain text.
    In MTA mode, Sophos Firewall uses the certificate specified in Email > General settings.
    In legacy mode, you can select a certificate under Administration > Notification settings. If you don't select a certificate, Sophos Firewall uses the certificate specified in Email > General settings.
    SSL/TLS Sends notifications through SSL/TLS connections. Sophos Firewall uses the certificate specified in Email > General settings.

    Note

    To continue to allow notifications to mail servers that have invalid certificates, select Allow invalid certificate in Email > General settings. We recommend that you don’t allow connections with an invalid certificate.

  6. Now configure your email settings.

Configure email settings

To configure your email settings, do as follows:

  1. Enter the sender and recipient email addresses.
  2. Select an interface from the Management interface IP address list. The IP address of the selected interface is sent in email notifications.

    You can specify a physical, bridge, or LAG interface. The list shows only interfaces to which you’ve assigned IP addresses.

    If you’ve deployed more than one Sophos Firewall, the IP address helps you identify the management interface from which a notification is sent. If you’ve deployed only one, you can select None.

  3. You now need to turn on email notifications. To do this, go to System services > Notification list.

More resources