Today, I am going to show you how to use SendGrid as SMTP relay at Sophos UTM firewall and help you send email out successful, the Sophos UTM firewall and exchange servers are VMs of Nested Hyper-V host at Azure, if you don’t know how to build a Nested Hyper-V host in Azure, you can reference our Building Real Word lab in Azure Volume 1 book from , this is step by step to tell you how to build your own lab in Azure.

If you are existing Azure customer, you can unlock 25,000 free emails each month. If you don’t know how to create a free SendGrid account, please check my previously blog.

  1. Login to exchange server VM.
  2. Open Exchange admin center.

  3. On the Exchange admin center page, select mail flow.

  4. On the mail flow page, select connectors and then click +.

  5. On the new send connector page, type send connector name and select Internet Type, click Next.

  6. On the Network settings page, select Route mail through smart hosts and click +.

  7. On the Add smart host page, enter (this is UTM Internal interface IP address) and click Save.

  8. On the new send connector page, click Next.

  9. On the Smart host authentication page, select None. Click Next.

  10. On the Address space page, click +.

  11. On the add domain page, enter * as Full Qualified Domain Name (FQDN), click Save.

  12. On the new send connector page, select Scoped send connector, click Next.

  13. On the Source server page, click +.

  14. Select the exchange server and click add and then click OK.

  15. On the new send connector page, click Finish.

  16. Login to UTM WebAdmin.

  17. On the WebAdim page, select Email Protection.

  18. On the Email Protection page, Select SMTP.

  19. On the Smtp page, select Global and enable SMTP Proxy.

  20. On the SMTP page, select Routing, add internal and external domains name to Domains and add exchange servers to the Host List, Click Apply.

  21. On the SMTP page, select Relaying, add Exchange Servers to the Allowed Hosts/Networks, click Apply.

  22. On the Content Scan for Relayed (outgoing) message, select Scan relayed (outgoing) messages, click Apply.

  23. On the SMTP page, select Advanced.

  24. On the Smathost settings, select Use a smarthost and then add as smart host, enter 2525 as Smarthost Port.
  25. Select This smarthost requires authentication, and enter SendGrid account user name and password, click Apply.

You will notice send email out without issues now.

Ps. Don’t forget to add your external IP address to whitelisted at SendGrid IP Access Management.

Hope you enjoy this post.

Cary Sun

Twitter: @SifuSun