Country of Origin (Geo IP protection)

14 May 2024

What’s new – May 14, 2024

Your email security is quintessential to Sophos Email and the product team is constantly listening to your feedback to improve your email security posture. One of the features frequently requested is the support Geo IP protection. With the release of this new feature, Country of Origin, we have again responded to your valuable feedback. We believe that this feature in combination with the anti-spam protection will further fortify your defenses against both the spam and the nuisance of unwanted messages that hamper productivity of your users.

Watch the video at end of this post to familiarize yourself with the new feature.

Applies to the following Sophos products
Sophos Email Advanced

In this post the following sections are covered:
How to configure
View details in the Message History
Caveat
Watch the video

How to configure

To configure the country of origin protection, you need to use your email security policy. As shown in the screenshot below, under inbound settings you’ll find the country of origin tab on the left panel. You should select the countries from which you want to disallow the messages. We recommend checking the country for every message hop to prevent spammers from crafting a message that pretends to have originated in a country not disallowed by you.

View details in the Message History

As shown in the screenshot below, the Message Details page in Message History shows you the country of origin of the message that arrived from one of the countries disallowed by you in your Email Security policy.

Caveat

We recommend that you do not disallow the USA as the country of origin of messages. Many senders who are not located in the USA, register their IP addresses in the USA. Hence, disallowing messages from the USA will result in a significant increase in false positive detections, in which a message sent from another country is incorrectly detected as a message sent from the USA.

Watch the video

Rahul Sinha 1 month ago in reply to Jason Knopp

Jason Knopp you can block any country where you have no business interest and where neither your employees nor your business partner travel to. Since this information is known to you, you're better placed to make that decision to block than anybody else. Note, if you block a country, say Iran, and your employee travel to Iran, then the risk is that the employee's emails will get blocked. Hence, pls exercise caution in selecting the blocked country.
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel
Jason Knopp 1 month ago

Are there any additional countries that you may suggest we block from the start? Thanks!
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel
Rahul Sinha 1 month ago in reply to Chuckak

ChuChien Wei Thank you for your feedback. We are in process of making that improvement to the quarantine. In the meantime, as shown in the demo video, the country blocked is shown in Message Details of Message History.
- Cancel
- Vote Up +1 Vote Down
- Sign in to reply
- More
- Cancel
Chuckak 1 month ago

Need the quarantine message to show the name of the country being blocked. Currently I have to take the IP address and go on the internet to an IP checker utility.
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel
DavidSain 1 month ago

We have customers that have wanted this for some time. Glad the feature has been rolled out.
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel