O365 Hybrid and Sophos Email Appliance

Question

I am planning to migrate our Exchange 2010 SP3 server to O365 using Hybrid environment. We also use Sophos Email Appliance which is a box sitting inhouse.

Currently, the mail flows like this.

Inbound from Internet
Internet --> Sophos Email Appliance --> Edge Server --> Mail Server

Outbound to Internet
Mail Server --> Edge Server --> Internet

I want to retain Sophos Email Appliance and at the same time don't want to break the Microsoft rule that I should not be putting anything between O365 and On-Premises Exchange and also referring to the following article: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/manage-mail-flow-on-office-365-and-on-prem

I come up with:

Inbound from Internet
Internet --> Sophos Email Appliance --> O365 --> Edge Server --> Mail Server
(I must admit the routing is a bit inefficient as incoming mail has to be sent back to the internet to reach O365)

Outbound to Internet (no change)
Mail Server --> Edge Server --> Internet

Will this work?
Thanks in advance.

Answer 1

Yes, as we know, Microsoft does not support any third-party SMTP gateways between EOP and the on-premises hybrid connectors; the only supported device is an Exchange Edge Transport server. While you can leave your non-hybrid traffic routing through a third-party appliance, using it in the middle of your hybrid mail flow may cause messages to appear as external and is not supported.

We could refer to the following documents: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/manage-mail-flow-on-office-365-and-on-prem https://docs.microsoft.com/en-us/exchange/edge-transport-servers I think it will work.