Routing

On the Routing tab you can configure domain and routing targets for the SMTP proxy and define how recipients are to be verified.

To configure the SMTP proxy routing, proceed as follows:

  1. Enter your internal domain(s).

    To enter your email domains, click the Plus icon in the Domains box.

    In the appearing text box, enter the domain in the form example.com and click Apply. Repeat this step until all domains are listed. You can also use wildcards in different ways. For example *.me.mycompany.de, *.mycompany.de, *.me*.mycompany.*e, **.mycompany.*. It is not allowed to use only '*'.

    In Profile Mode: Enter only domains that use global settings. All other domains should be listed in their respective profiles.

  2. Specify the internal server.

    From the drop-down list Route by, select the host to which emails for the domains listed above should be forwarded to. A typical target host would be the Microsoft Exchange Server on your local network. You can choose between different server types:

    • Static host list: Select a host definition of the target route in the Host list box. Note that you can select several host definitions for basic failover purposes. If delivery to the first host fails, mail will be routed to the next one. However, the (static) order of hosts cannot be determined with the current version of Sophos UTM on AWS and is somewhat accidental. To randomize delivery to a group of hosts so as to additionally achieve basic load balancing capability, use the DNS hostname route type and specify a hostname that has multiple A records (an A record or address record maps a hostname to an IP address).
    • DNS hostname: Specify the fully qualified domain name (FQDN) of your target route (e.g., exchange.example.com). Note that when you select a DNS name having multiple A records, mail to each server will be delivered randomly. In addition, if one server fails, all mail destined for it will automatically be routed to the remaining servers.
    • MX records: You can also route mail to your domain(s) by means of MX record(s). If you select this route type, the mail transfer agent of Sophos UTM on AWS makes a DNS query requesting the MX record for the recipient's domain name, which is the portion of the email address following the "@" character. Make sure that the gateway is not the primary MX for the domain(s) specified above, since it will not deliver mail to itself.
  3. Click Apply.

    Your settings will be saved.

Recipient Verification

Verify Recipients: Here you can specify whether and how email recipients are to be verified.

Click Apply to save your settings.

Related Topics Link IconRelated Topics