SMTP Profiles
The SMTP proxy of Sophos UTM lets you create alternative SMTP profiles, which can then be associated with different domains. That way you can specify domains that should use a different profile other than the default profile configured in Email Protection > SMTP. The order of the functions, structured as tabs, reflects how each step gets processed one after the other during SMTP time.
To create an SMTP profile, proceed as follows:
-
Enable the SMTP profile mode.
On the Email Protection > SMTP > Global tab select Profile Mode and click Apply.
The SMTP profiles creation in the Email Protection > SMTP Profiles menu is enabled.
-
On the SMTP Profiles tab, click New Profile.
A dialog box opens.
- Enter a descriptive name for the profile.
-
Add one or more domains.
Add one or more domains to the Domains box.
Settings of this profile will be applied for those domains.
-
Specify the following settings:
You only need to make settings for functions you want to use. For each of the following functions you can decide whether to use individual settings defined here or global settings defined under Email Protection > SMTP. By default, the global settings option is selected. The individual settings for each function are described below.
Note – Encrypted emails whose sender address includes a domain name configured here cannot be decrypted when using the email encryption/decryption engine of Sophos UTM. Therefore, no profile should be added for external email domains.
All settings that you can define here can also be set globally in Email Protection > SMTP. Therefore only a list of settings and the differences from the global settings are given here, along with cross-references to the respective global setting where detailed information can be found.
The following settings can be made:
-
Routing: On the Routing tab you can configure domain and routing targets for the SMTP proxy and define how recipients shall be verified.
- Static Host List
- DNS Hostname
- MX Records
For detailed information please refer to Email Protection > SMTP > Routing.
-
Verify Recipients: Here you can specify whether and how email recipients are to be verified.
- With callout: A request is sent to the server to verify the recipient.
-
In Active Directory: A request is sent to the Active Directory server to verify the recipient. To be able to use Active Directory you must have an Active Directory server specified in Definitions & Users > Authentication Services > Servers. Enter a base DN into the Alternative Base DN field and select the Active Directory server.
Note – The use of Active Directory recipient verification may lead to bounced messages in case the server does not respond.
- Off: You can turn off recipient verification completely but this is not recommended for it will lead to higher spam traffic volume and dictionary attacks. Thus your quarantine is likely to be flooded with unsolicited messages.
For detailed information please refer to Email Protection > SMTP > Routing.
-
Sophos UTM RBLs: Here you can block IP addresses linked to spamming.
- Use recommended RBL Realtime Blackhole Lists
For detailed information please refer to Email Protection > SMTP > Antispam.
- Extra RBLs: You can add further RBL sites to enhance the antispam capability of Sophos UTM. For detailed information please refer to Email Protection > SMTP > Antispam. Note that, as a third option, you can add the global settings to your individual settings here.
-
BATV/RDNS/HELO/SPF/Greylisting: This tab gathers various other advanced options increasing the antispam capability of Sophos UTM.
- Reject invalid HELO/missing RDNS
- Use greylisting
- Use BATV
- Perform SPF check
For detailed information please refer to Email Protection > SMTP > Antispam.
-
Malware Scanning: You can configure how to proceed with messages that contain malicious content. The following actions are available:
- Off
- Quarantine
- Blackhole
You can choose between the following malware scan options:
- Single scan: Default setting; provides maximum performance using the engine defined on the System Settings > Scan Settings tab.
- Dual scan: Provides maximum recognition rate by scanning the respective traffic twice using different virus scanners. Note that dual scan is not available with BasicGuard subscription.
Quarantine unscannable and encrypted content: Quarantines emails whose content could not be scanned. Unscannable content may be encrypted or corrupt archives or oversized content, or there may be a technical reason like a scanner failure.
For detailed information please refer to Email Protection > SMTP > Malware.
-
Antispam Scanning: Here you can decide how to deal with unsolicited commercial emails. Both for spam and confirmed spam you can choose between the following actions:
- Off
- Warn
- Quarantine
- Blackhole
For detailed information please refer to Email Protection > SMTP > Antispam.
- Sender Blacklist: The envelope sender of incoming SMTP sessions will be matched against the addresses on this blacklist. If the envelope sender is found on the blacklist the message will be blackholed. For detailed information please refer to Email Protection > SMTP > Antispam. Note that, as a third option, you can add the global settings to your individual settings here.
-
MIME Audio/Video/Executables blocking: The MIME Multipurpose Internet Mail Extensions type filter reads the MIME type of email contents. You can select which content types you would like to quarantine:
For detailed information please refer to Email Protection > SMTP > Malware.
- MIME Type Blacklist: Here you can add additional MIME types to quarantine. For detailed information please refer to Email Protection > SMTP > Malware. Note that, as a third option, you can add the global settings to your individual settings here.
- MIME Type Whitelist: Here you can add MIME types not to quarantine. For detailed information please refer to Email Protection > SMTP > Malware. Note that, as a third option, you can add the global settings to your individual settings here.
- Blocked File Extensions: Using the File extension filter you can quarantine emails (with warnings) that contain certain types of files based on their extensions (e.g., executables). For detailed information please refer to Email Protection > SMTP > Malware. Note that, as a third option, you can add the global settings to your individual settings here.
- Blocked Expressions: The expression filter scans messages' content passing through the SMTP proxy for specific expressions. Suspicious emails will be blocked. For detailed information please refer to Email Protection > SMTP > Antispam. Note that, as a third option, you can add the global settings to your individual settings here.
- Confidentiality Footer: For each outgoing email, you can add and customize a confidentiality footer informing users, for example, that the email may contain confidential or privileged information. However, the confidentiality footer will not be appended to the email if the email is a reply (i.e. having an In-Reply-To header) or if the content type of the email could not be determined. Note that the footer is appended depending on the sender domain. To use a footer, select the checkbox and enter the footer text.
- SPX Template Selection: The SPX template is used for SPX Encryption. It defines how encrypted emails will be sent to the recipients. For detailed information please refer to Email Protection > SPX Encryption > SPX Templates.
-
Data Protection Configuration: Here you can add attachments to the scan list, set notifications and select items from the SophosLabs Content Control List.
For detailed information please refer to SMTP > Data Protection.
-
-
Click Apply.
Your settings will be saved.The new profile appears on the SMTP Profiles list.
Note – When you select Use global settings for a topic and click Apply, the icon of the function changes to the global settings icon. By this, you can easily get an overview on which functions global settings or individual settings are applied.
To either disable, rename or delete a profile click the corresponding buttons at the top below the profile drop-down list.