Transition your Email
Before transitioning and changing any MX records, please ensure all of the following steps have been created before proceeding:
- Sophos Email domains added
- Mailboxes created and/or synchronized
- Email Security Policies migrated
- Firewall NAT rules and Firewall rules created
Microsoft 365 or Google Workspace Cloud Mailservers
If a cloud mail provider is being used and are not required to route through the Sophos Firewall, simply update your MX records to Sophos Central as directed in https://central.sophos.com, Email Security > Settings > Domain settings/status > Configure External Dependencies.
If mail flow rules are utilized, update your MX records to point to Microsoft 365 directly. https://learn.microsoft.com/en-us/microsoft-365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-provider?view=o365-worldwideAll
Other on premise or 3rd party mailservers
Inbound Mail
- Turn on the NAT and Firewall rules created from the previous steps
- Update your MX as directed in https://central.sophos.com, Email Security > Settings > Domain settings/status > Configure External Dependencies.
- Send a test email to confirm inbound email delivery
Outbound Mail
-
To deliver outbound mail through Sophos Email, follow the instructions for common providers linked below:
-
Update any SPF, DKIM, and DMARC records as detailed in the common instructions above.
- Ensure a firewall rule allows outbound delivery from your on premise mailserver
- Send a test email to confirm delivery
Once the Inbound and Outbound mail has been delivered, you can then delete all migrated SMTP policies on the Sophos Firewall under Email > Policies & Exceptions.