Feature Request: Allow Enterprise level Allow and Block Lists to override Sophos/Reflexion blatant spam filters

Allow Enterprise level Allow and Block Lists to override Sophos/Reflexion blatant spam filters.

If I add a domain to my Allow list, I would expect every email from that domain to come through. Currently, this is not the case. Sophos/Reflexion's back-end has its own set of rule and filters email before I get a chance to see it, often with false positives.

We recently had a client that was not receiving an important email from their main office. This original email had 800 recipients. Sophos/Reflexion blocked this email as "too many recipients" and did not report the block to our console.

It would be nice for the administrator to be able to have control over what email gets through the system. 

  • Seconded.

     

    This feature should also Override (Supersede) the Attachment Filtering > Advanced Features setting;  "Block all messages with attachments that do not meet RFC2183 standards"

    Even if an email address or domain is whitelisted, emails that have a winmail.dat file that causes the email(s) t0 still get quarantined and users don't see these until they get the quarantine report. This is not good for important and/or time sensitive emails. 

  • In reply to HeskaIT:

    Hi Heska,

    If I understand your request correctly you would like to be able to set "skip check" rules for certain security settings coming from hosts/email domains. If so i wholly support your request.

    These features are in the UTM/XG/Email Aplliance and should also be in the cloud email gateway!

    Have you made a feature request here:

    If so could you link it and I'll cast my vote!

    Emile

  • In reply to HeskaIT:

    THIS. Our notifications from BambooHR are safe, but contain an image that trips RFC2183 check every time. Trying to work with them to fix has been fruitless.  Just let me allow them!

    HeskaIT

    Seconded.

     

    This feature should also Override (Supersede) the Attachment Filtering > Advanced Features setting;  "Block all messages with attachments that do not meet RFC2183 standards"

    Even if an email address or domain is whitelisted, emails that have a winmail.dat file that causes the email(s) t0 still get quarantined and users don't see these until they get the quarantine report. This is not good for important and/or time sensitive emails. 

     

  • Agreed, allow/block lists should override Sophos/Reflexion filters. 

  • Best feature request ever... need to have another option for blocking vs. the global blacklists method that is default to Reflexion

  •  

    The image above is the hierarchy of how reflexion scans emails. 

  • In reply to cestlabby_c137:

    You are missing a step. The Sophos gateway scans all incoming email and dispatches with it based on Sophos rules for blatant spam. After that, it follows the rules you listed.

    These emails and the associated logs are lost to the end user and the administrators of the domains. Only Sophos employees can see these logs, and the emails that are deleted.

    I have had to contact tech support multiple times for emails that were eaten by the Sophos Gateway, and never made it to my management portal. They were able to lift blocks that were keeping me from getting emails. 

    I am just asking that there be transparency, and that we can see EVERY email that is bound for our servers. There are a lot of false positives at the gateway that cause us grief on the support side of this product. 

     

    It is more like this.