This feature requires a subscription. It can be configured but cannot be enforced without a valid Email Protection subscription.

From the email tab, you can configure SMTP/S, POP/S and IMAP/S settings, email security policies, secure PDF eXchange (SPX) and data control.

The device offers comprehensive email security, preventing sophisticated forms of zero-hour threats and blended attacks involving spam, botnets, phishing, spyware and more. The basic email protection configuration includes:

  • Creating policies to allow or deny email traffic to and from your email server.
  • Apply spam, malware, data and file protection on email traffic.
  • SPX
  • configuring an email threshold size for scanning
  • specifying action to be taken if a virus is detected
  • blocking mails based on sender or recipient
  • blocking mails with certain file types.

SMTP deployment modes

Two deployment modes are available:

  • Legacy mode
  • MTA mode

Legacy mode

In legacy mode, Sophos XG Firewall acts as a transparent proxy that scans emails for malware and spam, applies SPX encryption and data protection.

MTA mode

In MTA mode, Sophos XG Firewall acts as a mail transfer agent (MTA). MTA is a service that is responsible for receiving and routing emails to their specified destinations.

Use MTA mode deployment if you need to route emails instead of forwarding email traffic as proxy.

In MTA mode, Sophos XG Firewall performs the following functions:
  • Performs relaying and routing of emails. You can configure relaying of emails from Email > Relay settings.
  • Protects multiple email servers using SMTP policies. You can define the protection on your email domains from Email > Policies > SMTP policies.
  • Displays email messages that are either in-wait or failed to be delivered in the Email > Mail spool.
  • Displays logs for all the emails processed by the device from Email > Mail logs.