Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Advisory: Sophos XG Firewall - Antivirus service stopped due to failed pattern update. Please visit this KBA for the latest updates
We'd love to hear about it! Click here to go to the product suggestion community
Hello, can be Sophos Central Email blacklisted?
I was trying to send emails to my clients and i had the following error:
Your message could not be delivered to one or more recipients. The details are attached below. For further assistance, please contact your IT Administrator.
<soporte@a*****l.com.py>: host mail.a****l.com.py[xx.xx.xx.xx] said: 550-Sophos Anti Spam Engine has blocked this Email because the sender IP 550 Address is blacklisted. (in reply to RCPT TO command)
solicitud nro. : ##5551## - re: [caution: suspect sender] fwd:
Is there the possibility that Central outbound IP is blacklisted?
If anyone knows anything it will be appreciated..
PS.: my client has Sophos XG Firewall with Email protection.. funny, Sophos blocking sophos haha..
Hi Renato Pontiggia
We're currently looking into this and I'll post further updates as soon as more information is available.
In reply to Jaydeep:
We have the same issue with two of our clients now
Message not deliveredYour message could not be delivered to one or more recipients. The details are attached below.
Failure reason: <email@example.com>: host hotmail-com.olc.protection.outlook.com[184.108.40.206] said: 451 4.7.650 The mail server [220.127.116.11] has been temporarily rate limited due to IP reputation. For e-mail delivery information, see https://postmaster.live.com (S775) [CLIENT.eop-nam11.prod.protection.outlook.com] (in reply to MAIL FROM command) -nam11.prod.protection.outlook.com] (in reply to MAIL FROM command) From: firstname.lastname@example.org
Subject: re: SUBJECTSent: 2019-11-10T05:19:44.000Z
Sad face!!! Its been happening for 2 days now
In reply to Beau Murray:
I have this exact same issue as well too Beau Murray.
Sophos Support - any updates on this issue?
Hi Beau Murray & Faith Wan
I just checked the IP reputation for the IP 18.104.22.168 and it is clean. Rate limitation is something that depends on the recipient's email server as well. If you're still facing the issue, I'd recommend creating a case with Sophos Support and DM me the case number.
I ended up contacting support and they said it was a bug which has been escalated to the dev team. Will post when I hear more
Thanks for the information. Would you please DM me the case number? I'll track the progress of that issue.
Here is the response from support.
[#9418836] Central Email | Blocked due to ip reputation - live.com
My apologies for the inconvenience this has caused you. As per checking on the log file you've send we verified that there is an existing case that is being handled by our dev team regarding sophos temporary blocked due to ip reputation. This is the case ID for the dev team SUPP-96719 and as discussed I will provide update when the issue has an update or if it is now resolved. With this you can also refer to this case and include SUPP-96719 in previous transactions. Thank you.
Hi Beau Murray
I have a confirmation from our team that the issue has been completely resolved and post-incident observation did not indicate any further instances as such.
Thanks for your co-operation.
Fingers crossed. I got this yesterday with no news since. PS I had already implemented a connector to send direct and bypass Sphos email gateway.
Hello, We will update you once the IP has been unblocked. In the meantime what you can do is create a send connector on the email server so that it will send emails directly to hotmail.com/live.com (only on the affected domains) instead of sending it through to Sophos Central. Regards,
Thanks for letting us know that this has been resolved. Haven't received any of these notifications to me directly, but I'll ask my colleague to monitor since it originated from her mailbox.
In reply to Faith Wan:
Hi Faith Wan
You're welcome. If you come across this issue again, please post it here or DM me the details and we can look into this further.
We get this aswell.
host outlook-com.olc.protection.outlook.com[22.214.171.124] said: 550 5.7.1 Unfortunately, messages from [126.96.36.199] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3140). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [BN8NAM11FT044.eop-nam11.prod.protection.outlook.com] (in reply to MAIL FROM command)
In reply to Jason Mills:
We are also seeing this today.
A few users have already reported it, so it's being noticed.
In reply to Sophos User261:
Yep its back for me too, I just created direct send connectors for hotmail, gmail etc. Pretty frustrating to have to go through this again.
This issue has occurred again.
Sophos - please fix this ASAP!!