Overview
This article describes the steps to configure mail notifications while being in legacy mode and the mail server is located locally in the firewall and the MX record of the domain points towards the public IP address configured on the Sophos XG Firewall.
The following sections are covered:
Applies to the following Sophos products and versions
Sophos Firewall
What to do
- Check if the MX record of the sender email address domain is pointed to the local interface, i.e. one of the XG interface.
- When SFOS is configured in legacy mode, it will use the MTA service to route the email where it is determined by the MX records of such domain.
- In such cases, you would need to add a DNS host entry that would point the SMTP server to the local mail server where the MX record would point to itself as it has higher priority.
- Alternatively, a DNS configuration may be added to point to the local mail or domain controller.
Example:
Email: sophos@abcde.com
Domain: abcde.com
MX records for abcde.com is zmail.abcde.com and zmail2.abcde.com
The 'A' record of zmail.abcde.com and zmail2.abcde.com would point to the public IP address which is configured on the Sophos XG Firewall WAN interface.
The next step is to create a DNS host entry on the XG Firewall for zmail.abcde.com and zmail2.abcde.com and mention the address of the mail server locally configured host address.
Note: Quarantine release mails also follows the same behavior.
Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.
Feedback and contact
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.
This is invaluable to us to ensure that we continually strive to give our customers the best information possible.Article appears in the following topics
