Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Policies and exceptions

You can specify routing, protection, and encryption settings for emails related to protected domains. You can create exceptions from checks for specific senders and recipients.

  • To add an SMTP policy, click Add policy and then click SMTP route and scan.
  • To add a POP-IMAP policy, click Add policy and then click POP-IMAP scan.
  • To skip checks for specific senders and recipients, click Add an exception and specify your settings.
  • To edit a policy, click Edit Edit button..

Note

Sophos Firewall automatically applies the default POP-IMAP scan policy (default-pop-av) to POP3/S and IMAP/S traffic when you subscribe to the email protection module. It strips virus-infected attachments from emails and replaces the email body with a notification message.

Policies

With policies, you can apply spam and malware checks as well as file and data protection for inbound and outbound emails. You can specify quarantine, encryption, and notification settings.

  • To add an SMTP malware policy, click Add policy and then click SMTP malware scan.
  • To add an SMTP spam policy, click Add policy and then click SMTP spam scan.
  • To add a POP-IMAP policy, click Add policy and then click POP-IMAP scan.
  • To edit a policy, click Edit Edit button..

Note

In legacy mode, Sophos Firewall acts as a transparent mail proxy.

Sophos Firewall applies the following default policies automatically when you subscribe to the email protection module:

  • SMTP malware scan policy (default-smtp-av) to SMTP traffic.
  • POP-IMAP scan policy (default-pop-av) to POP3/S and IMAP/S traffic. It strips virus-infected attachments from emails and replaces the email body with a notification message.

More resources