03-24-2017 10:44 AM
Microsoft insists that multiple class "B" network ranges be added to the RELAYLIST so that mail can flow through our ESA appliances. Unfortunately, TAC is saying that mail cannot be subjected to filters. since the mail is being trusted by nature of the RELAY. Can someone tell me how to configure my ESA's so the mail will be inspected, filtered, like all other non-365 mail?
03-24-2017 11:06 AM
Hi,
IPs added to the Relaylist are treated as outbound emails and would be subject to the configuration on Outgoing Mail Policies which includes anti-spam, anti-virus, content filters, dlp, etc.
However, enabling additional scanning for outbound emails would increase load on the appliance depending on the amount of mail flow.
To make use of senderbase reputation checks you could also create message filters for these outgoing emails to drop connections from IP's of poor reputation.
Thank You!
Libin Varghese
03-24-2017 12:58 PM
The challenge is with INBOUND mail as that is where the relay occurs. TAC states that relays cannot be filtered.
03-24-2017 01:07 PM
I'm not sure what you mean by inbound email is being relayed.
Relay action in mail flow policies is for outbound emails.
Accept action in mail flow policies is for inbound emails.
What kind of filtering are you looking to implement?
- Libin V
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide