Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 39 replies
  • Subscribers 1 subscriber
  • Views 170558 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Email Appliance - Spam still getting through

jadedmia
We are using Sophos Email Appliance (latest patch) and according to Sophos we have everything configured the best way to block spam. Still continuing to recieve spam to users inboxes. Really blatant stuff like free gift cards and things like that. Anyone have any ideas on how to stop it? It seems like since about Febuary 2014 a lot more spam is getting through and being marked in the logs as legitimate. I have checked the allow lists and I don't have anything listed that it could be bypassing the policies.

Any help would be greatly appreciated because it seems to be from Sophos's last correspondence that they are basically unwilling to help any further.

James
:53647


This thread was automatically locked due to age.
Parents
  • 0

    In a nut shell the delay queue has a learning process.. When that is complete it will activate. This will alter the mail flow slightly.

    Once new mail arrives, it will undergo a new set of tests that will determine if the mail should be delayed.. During this test the process is exactly the same as it was before the feature.

    When mail is re-queued it is rescanned for AV and SPAM.. Assuming it passes the mail is delivered.

    In regards to visibility.. I'm very sure you will see improvements to the UI soon.

    In terms of .. Is it responsible for the reduction in snowshoe spam? .. You bet!!..

    In regards to searching for them.. Currently you would need to export the maillog to say a splunk server and you could generate some sort of reports by searching for delayed

    :57480
Reply
  • 0

    In a nut shell the delay queue has a learning process.. When that is complete it will activate. This will alter the mail flow slightly.

    Once new mail arrives, it will undergo a new set of tests that will determine if the mail should be delayed.. During this test the process is exactly the same as it was before the feature.

    When mail is re-queued it is rescanned for AV and SPAM.. Assuming it passes the mail is delivered.

    In regards to visibility.. I'm very sure you will see improvements to the UI soon.

    In terms of .. Is it responsible for the reduction in snowshoe spam? .. You bet!!..

    In regards to searching for them.. Currently you would need to export the maillog to say a splunk server and you could generate some sort of reports by searching for delayed

    :57480
Children
No Data
Unfiltered HTML