The SMTP proxy of Sophos UTM lets you create alternative SMTP profiles, which can then be associated with different domains. That way you can specify domains that should use a different profile other than the default profile configured in Email Protection > SMTP. The order of the functions, structured as tabs, reflects how each step gets processed one after the other during SMTP time.
To create an SMTP profile, proceed as follows:
Enable the SMTP profile mode.
On the Email Protection > SMTP > Global tab select Profile Mode and click Apply.
The SMTP profiles creation in the Email Protection > SMTP Profiles menu is enabled.
On the SMTP Profiles tab, click New Profile.
A dialog box opens.
Add one or more domains.
Add one or more domains to the Domains box.
Settings of this profile will be applied for those domains.
Make the following settings:
You only need to make settings for functions you want to use. For each of the following functions you can decide whether to use individual settings defined here or global settings defined under Email Protection > SMTP. By default, the global settings option is selected. The individual settings for each function are described below.
Note – Encrypted emails whose sender address includes a domain name configured here cannot be decrypted when using the email encryption/decryption engine of Sophos UTM. Therefore, no profile should be added for external email domains.
All settings that you can define here can also be set globally in Email Protection > SMTP. Therefore only a list of settings and the differences from the global settings are given here, along with cross-references to the respective global setting where detailed information can be found.
The following settings can be made:
Routing: On the Routing tab you can configure domain and routing targets for the SMTP proxy and define how recipients shall be verified.
For detailed information please refer to Email Protection > SMTP > Routing.
Verify Recipients: Here you can specify whether and how email recipients are to be verified.
In Active Directory: A request is sent to the Active Directory server to verify the recipient. To be able to use Active Directory you must have an Active Directory server specified in Definitions & Users > Authentication Services > Servers. Enter a base DN into the Alternative Base DN field and select the Active Directory server.
Note – The use of Active Directory recipient verification may lead to bounced messages in case the server does not respond.
For detailed information please refer to Email Protection > SMTP > Routing.
Sophos UTM RBLs: Here you can block IP addresses linked to spamming.
For detailed information please refer to Email Protection > SMTP > Antispam.
BATV/RDNS/HELO/SPF/Greylisting: This tab gathers various other advanced options increasing the antispam capability of Sophos UTM.
For detailed information please refer to Email Protection > SMTP > Antispam.
Malware Scanning: You can configure how to proceed with messages that contain malicious content. The following actions are available:
You can choose between the following malware scan options:
Quarantine unscannable and encrypted content: Select this option to quarantine emails whose content could not be scanned. Unscannable content may be encrypted or corrupt archives or oversized content, or there may be a technical reason like a scanner failure.
For detailed information please refer to Email Protection > SMTP > Malware.
Antispam Scanning: Here you can decide how to deal with unsolicited commercial emails. Both for spam and confirmed spam you can choose between the following actions:
For detailed information please refer to Email Protection > SMTP > Antispam.
MIME Audio/Video/Executables blocking: The MIME type filter reads the MIME type of email contents. You can select which content types you would like to quarantine:
For detailed information please refer to Email Protection > SMTP > Malware.
Data Protection Configuration: Here you can add attachments to the scan list, set notifications and select items from the SophosLabs Content Control List.
For detailed information please refer to SMTP > Data Protection.
Click Apply.
Your settings will be saved.The new profile appears on the SMTP Profiles list.
Note – When you select Use global settings for a topic and click Apply, the icon of the function changes to the global settings icon. By this, you can easily get an overview on which functions global settings or individual settings are applied.
To either disable, rename or delete a profile click the corresponding buttons at the top below the profile drop-down list.
© 2019 Sophos Limited | Sophos UTM 9.600 |