Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

SMTP: Multiple Hostnames/Interfaces Support

With the SMTP proxy able to handle mail for many domains, allow the proxy to be configured so that an admin can assign a hostname per profile, or have the proxy report different hostnames per outgoing interface. (and the ability to specify which domains/profiles go out which interface). Allows for easier management and adoption of many smtp domains on a single asg appliance.

751 votes
Sign in
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Gert HansenGert Hansen shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


    Sign in
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      • Jason CarterJason Carter commented  ·   ·  Flag as inappropriate

        I cant believe this is even a feature request. This is ridiculous that the STMP Proxy listens on all addresses the firewall arp's for. This is making my pen test scans look awful.

      • MarcoMarco commented  ·   ·  Flag as inappropriate

        Yes, this is an essential functionality which is muched needed by us. Please implement it. Thanks.

      • BenBen commented  ·   ·  Flag as inappropriate

        I just want to echo everyone else below, this really is a much needed feature. I am new to Sophos and have only been using it for about 3 months now, but I can't believe such a basic function is missing and I'm surprised that nothing has been done since this has been a topic for 6 years.

      • Rolf MüllerRolf Müller commented  ·   ·  Flag as inappropriate

        Hey Sophos People, the request for better smtp implementation has been around for years now. It would be nice if you could improve this, please!

      • Mike HorwathMike Horwath commented  ·   ·  Flag as inappropriate

        I'll agree with the DKIM issues, and policies per domain.

        I don't agree with the binding to a different address per domain as there is no need - you can handle hundreds of thousands (millions!) of domains for email over any individual IP address.

        Same with outbound, and if you keep a clean house then any worries about later RBL issues are zero.

      • Robert ŠustaRobert Šusta commented  ·   ·  Flag as inappropriate

        I was disappointed, when I realized, than angry as this is really needed, and finally furious because it can be set-up on any handmade linux box... Really, come on... For that money? Such elementar feature missing?

      • Maximilian PfisterMaximilian Pfister commented  ·   ·  Flag as inappropriate

        Yes...different smarthosts would help a lot - also needed for failover of outgoing SMTP traffic maybe through different ISPs

      • Bob AlfsonBob Alfson commented  ·   ·  Flag as inappropriate

        In addition, it should be possible to indicate a different smart host if different than Global.

      • Anonymous commented  ·   ·  Flag as inappropriate

        This is vital for proper tenant mail domains. A single TLS cert and DKIM key are both currently bound to all outbound mail. Until we can segregate outgoing mail traffic by sender domain, so each gets it's own DKIM profile and TLS cert, footer, postmaster address and upstream smarthost, we have to stick to NAT'd connections.

      • Luke HLuke H commented  ·   ·  Flag as inappropriate

        I vote for this feature too- it would be great to allow each SMTP profile to have a unique banner/HELO !

      • Peter MottPeter Mott commented  ·   ·  Flag as inappropriate

        The UTM should not listen for SMTP on every interface. Please provide at least a global setting to bind SMTP service to a single interface.

      • Dan (Gonzzo)Dan (Gonzzo) commented  ·   ·  Flag as inappropriate

        Alex said it all..
        I perhaps just add the need to define a smarthost with login information per SMTP profile...

      • Adam WernerAdam Werner commented  ·   ·  Flag as inappropriate

        This would be a very useful feature so I hope it is being strongly considered. Many of us need to support multiple mail domains and therefore having the ability to easily map an outbound mail domain to a specific WAN interface and IP address [without dealing with complicated SNAT and/or Multipath rules] would be awesome.


      ← Previous 1

      Feedback and Knowledge Base