
Migrate Firewall Email Policies (Transparent proxy) to Sophos Email

Follow these steps if you use the Sophos Firewall in legacy mode or as a transparent proxy. Keep in mind that data control policies on Sophos Email are processed from top to bottom, and the first policy to match is applied. POP-IMAP scanning rules are not required or possible on Sophos Email.

SMTP malware scan & Attachment Filter policies

Sophos Firewall

SMTP malware or AV policies are configured on a per sender and recipient basis on the Sophos Firewall. These steps may need to be repeated if there are additional AV policies configured.

Sophos Email

Malware protection settings can be configured under Email Security > Policies > Policy Name > Settings > Anti-malware.

Emails can be either deleted or quarantined with additional advanced filtering such as Enhanced Email or Intelix Threat Analysis (zero-day protection on the Sophos Firewall). Unscannable emails or attachments are given additional actions such as tag subject line, quarantine, or delete.

Sophos Email File protection

Data control policy rules can be applied in either the inbound or outbound direction, allowing for even greater flexibility. An equivalent file protection rule can be configured under Email Security > Policies > Data control: Policy Name > Settings > Inbound > Add rule.

Select the Attachment file types (AFT) template.

Complete the rest of the sections and include any exceptions to the file protection rule by specifying Message Attributes or email addresses/domains. Select the action(s) to take on this rule and turn the rule “On”, then select Save to commit the new rule.

SMTP spam scan policies

Sophos Firewall

At this time, Sophos Email does not support custom RBL configurations; however, Sophos Email uses multiple sources for advanced IP reputation checks. All outbound email processed by Sophos Email is automatically processed by Sophos Anti-Spam checks to maintain a good IP reputation. Anti-spam policies do need to be migrated.

Sophos Email

Configure the spam settings found under Email Security > Policies > Policy Name > Settings > Anti-Spam according to the equivalent actions listed below in Sophos Email.

| Sophos Firewall | Sophos Email |
| --- | --- |
| Accept | Deliver |
| Prefix subject for spam | Tag subject line |
| Quarantine | Quarantine |
| Drop | Delete |
| Reject | N/A |
| Change Recipient | N/A |

SMTP Anti-spam policies: Data Control List

Any custom data control list scans can be migrated using similar CCL rules in Sophos Email. Sophos Email allows for even greater control and has more CCL entries available.

Sophos Firewall

Sophos Email

Sophos Email allows the use of predefined data control rules, or you can customize each specific CCL entry on its own. This is done under Email Security > Policies > Data control: Policy Name > Settings > Inbound > Add rule.

Select Content control lists (CCLs) for greater control and customization, or use one of the predefined templates.

Complete the rest of the sections and include any exceptions to the CCL rule by specifying Message Attributes or email addresses/domains. Select the action(s) to take on this rule and turn the rule “On”, then select Save to commit the new rule.

SMTP Anti-spam Policies: Message Attributes

Any policies configured on the Sophos Firewall checking message size or message headers can also be migrated through Data Control rules on the Sophos Firewall.

Sophos Firewall

Sophos Email

Sophos Email allows data control rules to analyze message attributes. This is configured under Email Security > Policies > Data control: Policy Name > Settings > Inbound > Add rule > Select Message Attribute (MA).

Follow the on-screen instructions and select from specific headers, source, or message size. At the bottom of the filter, you can choose to match all attributes or to match if one is present.
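A simplified model of two behaviours described on this page, top-to-bottom first-match processing and the "match all attributes" versus "one is present" option, showing how a broad rule placed first can shadow a narrower one. This is an added example, not Sophos code; the rule names, conditions and sample messages are constructed for illustration.

```python
from dataclasses import dataclass
from email import message_from_string
from typing import Callable, List, Optional

@dataclass
class Rule:
    name: str
    conditions: List[Callable]   # each takes (msg, size_bytes) and returns bool
    match_all: bool              # True = all attributes, False = any one present
    action: str

def header_contains(header: str, needle: str) -> Callable:
    return lambda msg, size: needle.lower() in (msg.get(header) or "").lower()

def size_over(limit: int) -> Callable:
    return lambda msg, size: size > limit

def matches(rule: Rule, raw: str) -> bool:
    msg = message_from_string(raw)
    size = len(raw.encode("utf-8"))
    results = [cond(msg, size) for cond in rule.conditions]
    return all(results) if rule.match_all else any(results)

def first_match(rules: List[Rule], raw: str) -> Optional[Rule]:
    """Top-to-bottom evaluation: the first matching rule is applied."""
    return next((r for r in rules if matches(r, raw)), None)

def shadowed(rules: List[Rule], samples: List[str]) -> List[str]:
    """Rules that match a sample but never win it, because a rule above matches first."""
    winners = {first_match(rules, s).name for s in samples if first_match(rules, s)}
    return [r.name for r in rules
            if r.name not in winners and any(matches(r, s) for s in samples)]

# Constructed sample messages (not real mail).
INVOICE = "From: billing@example.com\nSubject: Invoice 1042\nX-Mailer: bulk\n\n" + "x" * 200
NEWSLETTER = "From: news@example.org\nSubject: Weekly update\nX-Mailer: bulk\n\nhello"

# Hypothetical rules, as they might be carried over from firewall policies.
bulk_any = Rule("tag-bulk", [header_contains("X-Mailer", "bulk"), size_over(10_000)],
                match_all=False, action="Tag subject line")
invoice_all = Rule("quarantine-invoices",
                   [header_contains("Subject", "invoice"), header_contains("X-Mailer", "bulk")],
                   match_all=True, action="Quarantine")

BAD_ORDER = [bulk_any, invoice_all]    # broad "any" rule above the narrow "all" rule
GOOD_ORDER = [invoice_all, bulk_any]   # narrow rule first, broad rule as fallback
```

Running `shadowed()` over a set of representative messages before saving the rule order shows which migrated rules would never take effect.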

Encryption (General settings and SPX)

Sophos Email allows for 4 different methods of encryption: Send via TLS, Push Encryption (PDF encrypted, equivalent to the Sophos Firewall SPX encryption), Portal Encryption (web portal Sophos Secure Message), and S/MIME. For more details on each type, please refer to Secure message methods.

Passwords will always be defined and set up by the recipient when using Push or Portal Encryption methods. Emails can be encrypted through Data control, M365 Outlook Plugin, or Secure Message policies.

Sophos Firewall

Sophos Firewall SPX global encryption settings are used in the data protection actions of the Sophos Firewall SMTP policy.

SMTP TLS settings, by contrast, are configured under Email > General settings.

Sophos Email

Email Security > Policies allows you to choose when and how to encrypt emails. This can be done in two policy types, Data control or Secure Message policies, allowing encrypted emails to be sent between specific emails or domains, for messages containing specific subjects, through plug-ins, and more. For a more detailed look into additional secure message methods, please refer to Secure message methods.

To configure the equivalent of the Sophos Firewall TLS settings, navigate to Email Security > Policies > Secure Message: “Base Policy – Secure Message” (if you have previously configured a Sophos Central trial account, you may see Migrated rules, which are applied top down in precedence). From here, the Settings allow you to control which method of TLS is preferred. Note that the connection between your mail server and Sophos Email requires TLS to be supported.

To enforce different TLS settings to various senders or recipients, please create a new Secure Message Policy defining. Select Email Security > Policies > Add Rule > Secure Message.

Then add the internal and external selections to which this rule will apply. BOTH selections must be present to match.

Spam check exceptions

Sophos Firewall

Sophos Email

Domains, Emails, or IP addresses can be added to the global block and allow list for even greater control under Email Security > Settings > Inbound Allow/Block.

Matching any allow list entries will bypass anti-spam checks globally.