PLEASE READ Advisory: Kernel memory issue affecting multiple OS (aka F**CKWIT, KAISER, KPTI, Meltdown & Spectre) for the latest updates.
We'd love to hear about it! Click here to go to the product suggestion community
Is there a good way to trouble shoot when a customer replies to a secure email that they've received? We have a customer who sends us a secured file. Our staff sends him a secure email, which he replies to and attaches his file. Lately, it only works some times. When we search the mail logs on the Sophos email appliance, we don't see the email listed.
Check the search tab for the sender/recipient details, if you cant see anything search just the time frame and check all emails that arrived in that time - did any trigger a different policy or spam protection? Are any of your rules set to discard?
You might find it easier use the syslog feature and then search the raw logs manually for the sender details.
Have you also asked the sender to double check their MTA logs to ensure the email actually left their end?
If there is no trace of the email on the Email appliance then it doesn't sound like it even made it as far as the email appliance, check any upstream firewalls too.