This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mails from Cyberoam Appliance are blacklisted exclusively by Sophos

Hello,
2 of our customers still have Cyberoam appliances in use because the modules are still valid until the end of the year and they are currently not willing to switch to a Sophos.
If i check the domains, they have no entry in any RBL-Check (Spamhaus...) and the certificates of the mail servers are valid.
The mails are accepted by every firewall except Sophos appliances. After consulting the IT departments of the respective companies, the mail is rejected by the RBL check because there would be an entry at: fur.global.sophosxl.com.
How the hell can I remove my customers domains there?

Best regards

This thread was automatically locked due to age.

0 FormerMember over 2 years ago

Hey Joel, Welcome to Sophos Community.

If these email servers are hosted behind Cyberoam device, I mean the MX records are the public IPs of Cyberoam device (or any upstream device), Please check once here on our Sophos labs page: https://www.sophos.com/en-us/labs

You can submit an appeal if the IP addresses appear blacklisted. If not, then we'll need logs and a sample blocked mail (eml file) from either one of those XG devices to further check with the labs team internally.

Thanks,
Cancel
Vote Up 0 Vote Down

Cancel
0 JensLange over 1 year ago in reply to FormerMember

Hello Devesh, can you answer a similar question here?
Cancel
Vote Up 0 Vote Down

Cancel
0 Joel Sander over 1 year ago in reply to JensLange

Hey JensLange

did you already checked the MX Entries for the Domain?
mxtoolbox (dot) com is a good tool for this.

In our case, an incorrect dmarc entry was the culprit.
Cancel
Vote Up 0 Vote Down

Cancel
0 FormerMember over 1 year ago in reply to JensLange

I have replied to your thread :)
Cancel
Vote Up 0 Vote Down

Cancel