Dear Product Documentation Dpt.,
We've been having some strange SPF issues with hydra outbound emails from a Central Email Tenant in the EU-Central/Germany Region and it took us a while to find out the culprit.
After a lot of troubleshooting we noticed that Sophos Central Email outbound server public IP address (94.140.18.227) was OUT of the scoupe the suggested NEW ip address subnet, according to the documentation: "94.140.18.128/26"
If you grab a subnet calculator 94.140.18.128/26 gives a usable host range from 94.140.18.128 to 94.140.18.190
Here's an excerpt of the message headers showing how hydra is presenting itself out of the documented ip range:
Received: from mfod-euc1.prod.hydra.sophos.com (94.140.18.227) by
VI1EUR06FT010.mail.protection.outlook.com (10.13.6.179)
We have solved the problem increasing the subnet scope by changing the mask to "/25", which NOW includes a usable host range from .129 to .254).
I guess this issue must be happening to other confused customers and it is not that easy to notice if you don't think about pulling out a subnet calculator.
Documentation containing the errata that we have found so far:
https://support.sophos.com/support/s/article/KB-000043861
and also:
https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/EmailSecurity/SophosGateway/ExternalServices/EmailDomainInfo/index.html?x-clickref=1011lvW7u8zZ&affiliate=111l748#EmailGatewayIPs
This errata might be in other places too (?)
Kind Regards,
Félix Salmones / ADISTALIA SL
-
R@DocSupport
-
Cancel
-
Vote Up
0
Vote Down
-
-
More
-
Cancel
Comment-
R@DocSupport
-
Cancel
-
Vote Up
0
Vote Down
-
-
More
-
Cancel
Children