We'd love to hear about it! Click here to go to the product suggestion community
We run a UTM9 (virtual appliance) and have many customers using hardware SG appliances. This afternoon we have have many reports of email issues, with sending and receiving from a variety of company addresses and gmail.com / hotmail.com domains.
According to the mail manager all of the emails are being dropped as confirmed spam. Is this a dodgy pattern update?
Internally we are currently on FW 9.601-5 and pattern 161467.
I have switched reject at smtp time to off and emails are now getting quarantined. Have logged a support call with Sophos via email and am in the phone support queue.
Any one else experiencing this?
Yes this is a known issue, dodgy pattern update as you suggested.
I am having exact same problem at several customers with UTM(9)
I have had to disable all spam options.
In reply to JonathanMarsden:
We're also experiencing this - 95% of emails are going down as confirmed spam due to "ctasd reports 'Confirmed" - having to manually release emails at the moment. Anyone any idea on a fix eta?
Just had an update to my ticket from Sophos that they are aware of it and working on it. I will be sending them some sample emails.
Have quite a few clients using these - not too keen on fully disabling antispam!
In reply to cmyk_asim:
Been on phone queue for last hour - now given up on the basis of this post.
I've turned off my Reject at SMTP time: and turned my Spam action to off as it started trapping emails rather than reject them.
Not the best, but lots of users shouting for emails
In reply to Graham Davey:
Any updates on this? manually releasing emails is very tedious! not willing to turn off antispam.
In reply to Daniel Tye:
Spent 50 mins waiting for Sophos support (it has to be the worst in the business and the hold music wants me to stab a fork in my head)
End result is it’s an issue with a A third party Spam that they use. They have had an issue today with .co.uk domain as some servers went down.
Issue is that I checked their status page and they say it’s all good.
It’s on my wok machine but it was someone like Cyana?
In reply to PeterWeir:
Do you get reason=“as” in the smtp log
Not really. On checking our mail flow this morning, it still seems to be a problem.
I've now set a flag to say *Possible Spam* to give a warning to my users and it allows me to see what is being flagged as Spam
We get too many mails for me to sit releasing them all day.
According to their advisory:
the issue should be resolved now - but I'm not seeing it either. All test messages still being causght as confirmed spam.
Pattern version is showing as newer: 161486 but still problems by the looks of things.
We're on pattern 161487 and still seeing the issues.
Ditto with 161487
Finally got through to tech support and they wanted to run the remote support software which I heard as 123.com. Unfotunately, the accent was very strong and this web page resulted in a page of Asian symbols.
Tried booting up another machine and, after more difficulties in understanding, he "disappeared".
I appreciate support must have been a touch busy since yesterday but I'm somewhat miffed.
I had a response to my e-ticket a short while ago saying the issue is now resolved. I have replied to let them know the issue is still occuring.
If anyone does manage to get a breakthrough/fix (other than disabling antispam) an update on here would be appreciated :)
Same here, 161487 is still causing these errors for us
running pattern 161489 still getting the issue.
issue has been only been on replies not initial emails coming in...