Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 39 replies
  • Subscribers 1 subscriber
  • Views 170710 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Email Appliance - Spam still getting through

jadedmia
We are using Sophos Email Appliance (latest patch) and according to Sophos we have everything configured the best way to block spam. Still continuing to recieve spam to users inboxes. Really blatant stuff like free gift cards and things like that. Anyone have any ideas on how to stop it? It seems like since about Febuary 2014 a lot more spam is getting through and being marked in the logs as legitimate. I have checked the allow lists and I don't have anything listed that it could be bypassing the policies.

Any help would be greatly appreciated because it seems to be from Sophos's last correspondence that they are basically unwilling to help any further.

James
:53647


This thread was automatically locked due to age.
Parents
  • 0

    I noticed that all of our snowshoe spam was coming from 2 different Class B addresses every day.  I blocked those two whole subnets and haven't had problems with that anymore (until they move to other addresses at which point I'll have to black list those).  That can't be my end solution to this.  I tried a Barracuda filter and it seemed better but the encryption options are horrible and in the end I still had to black list those addresses.  

    I also have the delay options enabled but I'm not sure it'll do anything for us either.  When I looked at the spam getting through I'd check throughout the day against other RBLs (including sophos) and many times it would take up to several hours before an IP address got blocked so delaying a message for 10 minutes (which is how long they'll be delayed) won't probably do anything.  I wonder if they even test this stuff out first or if we're the betas...

    :57290
Reply
  • 0

    I noticed that all of our snowshoe spam was coming from 2 different Class B addresses every day.  I blocked those two whole subnets and haven't had problems with that anymore (until they move to other addresses at which point I'll have to black list those).  That can't be my end solution to this.  I tried a Barracuda filter and it seemed better but the encryption options are horrible and in the end I still had to black list those addresses.  

    I also have the delay options enabled but I'm not sure it'll do anything for us either.  When I looked at the spam getting through I'd check throughout the day against other RBLs (including sophos) and many times it would take up to several hours before an IP address got blocked so delaying a message for 10 minutes (which is how long they'll be delayed) won't probably do anything.  I wonder if they even test this stuff out first or if we're the betas...

    :57290
Children
No Data
Unfiltered HTML