Hello,2 of our customers still have Cyberoam appliances in use because the modules are still valid until the end of the year and they are currently not willing to switch to a Sophos.If i check the domains, they have no entry in any RBL-Check (Spamhaus...) and the certificates of the mail servers are valid.The mails are accepted by every firewall except Sophos appliances. After consulting the IT departments of the respective companies, the mail is rejected by the RBL check because there would be an entry at: fur.global.sophosxl.com.How the hell can I remove my customers domains there?
Hey Joel, Welcome to Sophos Community.If these email servers are hosted behind Cyberoam device, I mean the MX records are the public IPs of Cyberoam device (or any upstream device), Please check once here on our Sophos labs page: https://www.sophos.com/en-us/labsYou can submit an appeal if the IP addresses appear blacklisted. If not, then we'll need logs and a sample blocked mail (eml file) from either one of those XG devices to further check with the labs team internally.Thanks,
Hello Devesh, can you answer a similar question here?
did you already checked the MX Entries for the Domain? mxtoolbox (dot) com is a good tool for this.
In our case, an incorrect dmarc entry was the culprit.
I have replied to your thread :)