Sophos XG: How to add POP-IMAP Scan policy in MTA mode

Email security concept image with business icons and

Overview

POP/IMAP scan policy to detect incoming and outgoing spam in POP and IMAP traffic

How to configure

  • Email -> General setting -> Check and switch to MTA mode
  • Email -> Policies -> Click Add Policy -> Choose POP/IMAP scan
  • Enter Name
  • Enter email address/domain group
    • Sender: To specify the sender email addresses, select from the following options:
      • Contains: Specify the keywords to be matched with the senders’ email addresses
      • Equals: Specify the senders’ exact email addresses
    • Recipient: To specify the recipient email addresses select from the following options:
      • Contains: Specify the keywords to be matched with the recipient email addresses
      • Equals: Specify the recipients’ exact email addresses
  • Filter criteria
    • Inbound Email is
      • Spam
      • Probable
      • Virus Outbreak
      • Probable Virus Outbreak
    • Source IP/Network Address: Sender’s IP address matches the specified IP address
    • Message Size: Sender’s email size matches the specified restriction of message size
    • Message Header: Select from the following message headers to match the specified keyword
      • Subject
      • From
      • To
      • Other
      • Contains: Specify the keywords to be matched with the message header
      • Equals: Specify the exact match to the actual headers
  • Action
    • Accept: Email is accepted and delivered to the intended recipient
    • Prefix Subject: Email is accepted and delivered to the intended recipient after adding a prefix to the subject line

-> Click Save

  • Firewall -> Add firewall rule -> Choose Business application rule
  • Choose Email Clients (POP & IMAP)
  • In Appication template: Choose Email Clients (POP & IMAP)
  • In Source zone: Choose Any
  • In Source networks: Choose Any
  • In Destination zone: Choose Any
  • In Destination networks: Choose Any

-> Click Save

2 Comments

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.