Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is Sophos central Email blacklisted?

Hello, can be Sophos Central Email blacklisted? 

I was trying to send emails to my clients and i had the following error:

Message not delivered

Your message could not be delivered to one or more recipients. The details are attached below.

For further assistance, please contact your IT Administrator.

Message details

Failure reason:

<soporte@a*****l.com.py>: host mail.a****l.com.py[xx.xx.xx.xx] said: 550-Sophos Anti Spam Engine has blocked this Email because the sender IP 550 Address is blacklisted. (in reply to RCPT TO command)

From:

soporte@i****s.com.py

To:

soporte@a*****l.com.py

Subject:

solicitud nro. : ##5551## - re: [caution: suspect sender] fwd:

Sent:

2019-09-20T12:39:10.000Z

Is there the possibility that Central outbound IP is blacklisted? 

If anyone knows anything it will be appreciated..

PS.: my client has Sophos XG Firewall with Email protection.. funny, Sophos blocking sophos haha.. 



Added tags
[edited by: Raphael Alganes at 8:32 AM (GMT -7) on 24 May 2023]
  • Hi  

    We're currently looking into this and I'll post further updates as soon as more information is available.

    Regards

    Jaydeep

  • We have the same issue with two of our clients now

    Message not delivered
    Your message could not be delivered to one or more recipients. The details are attached below.

    Failure reason: <recipeint@hotmail.com>: host hotmail-com.olc.protection.outlook.com[104.47.56.161] said: 451 4.7.650 The mail server [18.216.23.29] has been temporarily rate limited due to IP reputation. For e-mail delivery information, see https://postmaster.live.com (S775) [CLIENT.eop-nam11.prod.protection.outlook.com] (in reply to MAIL FROM command) -nam11.prod.protection.outlook.com] (in reply to MAIL FROM command)
    From: sender@myclient.com.au

    To: recipeint@hotmail.com

    Subject: re: SUBJECT
    Sent: 2019-11-10T05:19:44.000Z

    Sad face!!! Its been happening for 2 days now

  • I have this exact same issue as well too Beau Murray.

    Sophos Support - any updates on this issue?

    Thanks!

  • Hi  &

    I just checked the IP reputation for the IP 18.216.23.29 and it is clean. Rate limitation is something that depends on the recipient's email server as well. If you're still facing the issue, I'd recommend creating a case with Sophos Support and DM me the case number.

    Regards

    Jaydeep

  • I ended up contacting support and they said it was a bug which has been escalated to the dev team. Will post when I hear more

  • Thanks for the information. Would you please DM me the case number? I'll track the progress of that issue.

    Regards

    Jaydeep

  • Here is the response from support.

    [#9418836] Central Email | Blocked due to ip reputation - live.com

    My apologies for the inconvenience this has caused you. As per checking on the log file you've send we verified that there is an existing case that is being handled by our dev team regarding sophos temporary blocked due to ip reputation. This is the case ID for the dev team SUPP-96719 and as discussed I will provide update when the issue has an update or if it is now resolved. With this you can also refer to this case and include SUPP-96719 in previous transactions. Thank you.

  • Hi  

    I have a confirmation from our team that the issue has been completely resolved and post-incident observation did not indicate any further instances as such.

    Thanks for your co-operation.

    Regards

    Jaydeep

  • Fingers crossed. I got this yesterday with no news since. PS I had already implemented a connector to send direct and bypass Sphos email gateway.

    Hello,

    We will update you once the IP has been unblocked.

    In the meantime what you can do is create a send connector on the email server so that it will send emails directly to hotmail.com/live.com (only on the affected domains) instead of sending it through to Sophos Central.

    Regards,

  • Hi Jaydeep,

    Thanks for letting us know that this has been resolved. Haven't received any of these notifications to me directly, but I'll ask my colleague to monitor since it originated from her mailbox.

    Cheers,
    Faith