How do I set or change the email address used in bounce backs?

I'm using Sophos XG v16 and I have just configured the email spam filter to work as a transparent proxy.
Everything works great, apart from when it rejects an email.
The system sends the rejection email to the sender as it should, however it doesn't have an email address when sending.
As a result, most spam filters will quarantine the bounce back email.
Any ideas as to how I can get this resolved?
Thanks in advance!

  • John,

    Did you configure the email settings under Administration > notification settings?


  • In reply to lferrara:

    I have configured the notification settings and that works as expected - but still when a bounce back rejection message is sent, it is sent without an email address.

  • In reply to John Humphries:

    Thanks for your feedback. It should be somewhere else (inside a file) and form GUI is not configurable.

    Let's wait for an official answer from or  


  • 1. The NDR are usually sent by postmaster@yourdomaindotcom. Are you saying XG is using a different address?

    2. NDR is sent as a courtesy. If your NDR it is being caught in the spam filter of the sender, it is their problem not yours. A lot of spam filters block NDR from their own domain because of back scatter. In any case this should not be a major concern.

  • In reply to Billybob:

    The NDR is being sent seemingly without an email address at all!
    I am testing this from my Gmail account - the NDR is appearing in the junk filter without fail due to coming from an "unknown sender"
    I have attached the header of the NDR below (I redacted our companies IPs and domains)

  • In reply to John Humphries:

    Sorry, I am not used to reading google headers but it seems that you are getting the email from postmaster@mail.yourdomaindotcom isn't that correct? If that is the case, are you sure that it is not one of the settings in gmail that is marking that email as spam? Also your IP is not in any RBLs right?

    As to your original question about changing the postmaster address, I am not sure that it can be done via gui. I am sure one of the sophos guys would be here to help you shortly.

  • In reply to Billybob:

    Admittedly, I didn't spot that until redacting all the information.
    I have attached another image showing the actual NDR I received - note the lack of email address in the from field.
    So why would the NDR include the email in the header, but gmail not fully pick it up?
    And I double checked - I am not listed in any RBLs.

  • In reply to John Humphries:

    I was curious about your problem and did some more digging. It seems that gmail is looking for SPF and DKIM records for your domain. From the gmail headers that you attached, it did receive a neutral score from SPF check which means you are not using SPF and that is probably why the mail was marked as spam. As to why it doesn't mention a sender's name is a mysteryBig Smile 


  • In reply to Billybob:

    Hello i would like this fixed as well. Is there a fix? Notifications that go to the IT department are fine, they have a correct from header. However external messages, such as "delivery failure notification", have no from address! this causes the mail to be rejected by some ISPs that means they never get a bounce, so i can never fix the original problem becuase the end user does not know about it (from the bounce they dont receive)

    Can this be fixed? its an issue from 2016, has no one else really had a problem with this?



    From unknown@unknown.invalidTue Mar 12 17:36:41 2019
    Return-Path: <>


    Subject: Delivery failure notification


    the TO field is populated correctly. It is for sure not using the settings from notifications so where is its settings set?