SmartHost routing by Sender Domain or Target Domain
Normal email servers such as Exchange 2010 and 2013 and sendmail allow configurations where specific "from:" domains and/or "to:" domains can be routed via a specific smart host while all other traffic flows directly to the target.
This flexibility is often used for HIPAA-compliant encryption or military contractor communications. If the smart host logic is on the email server, then that server cannot use the Astaro email security for the targeted domains. In such cases smart host authentication is almost universally used.
In order to make server-side smarthost targeting work in a UTM-protected environment, the targeted smarthost servers have to be exempted from transparent email protection. Failure to do that causes the UTM to swallow the authentication info, and mail fails to route. Once the target smart host is exempted from "Transparent" interception, the smart-host-routed mail flows, but none of the Astaro logic/protection applies to those emails. This means virus and spam protection for that traffic is lost.
A logical enhancement would be to move this routing logic into the UTM so it could occur after the AV and anti-spam checks.
In this model the source Email server that is protected by the UTM would send all email to the UTM per normal with no specific routing logic.
The UTM would have rules on it that said:
If from *@sourcedomain.com then route via SmartHostA with Authentication Credentials XXXXXXX.
Else if going to *@targetdomain.com then route via SmartHostB with Authentication Credentials XXXXXXX.
Else route directly without smarthost.
Routing by From Domain would be used by any domains that are subject to HIPAA and need to route email to an encryption analyzer like those produced by ZIXCorp. Routing by Target Domain would be used in scenarios where the target domain requests all communications to go through their private front-end server; this is common in the Aerospace and Military Space.
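The rule order proposed above, sketched as an added example (not part of the original request and not UTM code). It assumes the decision is made per envelope recipient after the AV and anti-spam checks, so one message can be split across routes; the smarthost names and credential references are hypothetical placeholders.

```python
from collections import defaultdict

# Constructed rule table: hosts and credential references are hypothetical.
# Credentials are referenced by name so secrets never sit in the rule set.
SENDER_ROUTES = {"sourcedomain.com": ("smarthost-a.example", "cred-ref-a")}
TARGET_ROUTES = {"targetdomain.com": ("smarthost-b.example", "cred-ref-b")}
DIRECT = ("direct", None)  # normal delivery, no smarthost, no authentication


def domain_of(address):
    """Return the lower-cased domain of an envelope address.

    The null sender "<>" used by bounces has no domain and yields "".
    """
    address = address.strip().strip("<>")
    if "@" not in address:
        return ""
    return address.rsplit("@", 1)[1].rstrip(".").lower()


def route_for(mail_from, rcpt_to):
    """Apply the rules in the stated order: sender domain, target domain, direct."""
    sender_domain = domain_of(mail_from)
    if sender_domain in SENDER_ROUTES:
        return SENDER_ROUTES[sender_domain]
    return TARGET_ROUTES.get(domain_of(rcpt_to), DIRECT)


def plan_delivery(mail_from, recipients):
    """Group recipients by route so a single message can use several smarthosts."""
    plan = defaultdict(list)
    for rcpt in recipients:
        plan[route_for(mail_from, rcpt)].append(rcpt)
    return dict(plan)


if __name__ == "__main__":
    # Constructed envelope: an unregulated sender writing to two domains.
    for route, rcpts in plan_delivery(
        "bob@other.example", ["eng@targetdomain.com", "sales@elsewhere.example"]
    ).items():
        print(route, rcpts)
```

Matching on the envelope sender and recipient rather than the message headers keeps the decision tied to the addresses the SMTP session actually used.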
Joshua Gause commented
I would love to have this. We route email out through 4 smarthosts due to different state and federal regulations. I've cobbled together a solution that works using a postfix server, but having it through my UTM would save me so much headache anytime we need to add a new domain (which seems to be once every other week now).