I migrated from PureMessage to Sophos Central Email a couple of weeks ago, and I am seeing an issue with spam that I can't quite figure out.
I updated my MX record to use the two Sophos servers, and 99% of our mail is flowing inbound as expected, with a number of genuine bulk and spam mail being caught in Quarantine as expected.
However, I am seeing quite a bit of junk mail coming through and completely bypassing the Sophos servers. This is obvious to see, as the 'Received: from' value is not the Sophos server but random IP addresses.
I still have PureMessage running, so I am able to capture them before they hit the users' inboxes, but how is this scenario possible?
I was concerned it was an Exchange misconfiguration, but everything looks fine there.
On another note, would it be recommended to update my Exchange Receive connector to only accept mail from the Sophos servers?
Thanks
[edited by: Raphael Alganes at 10:03 AM (GMT -7) on 29 May 2023]
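
The 'Received: from' check described in the post can be automated. The following is an added example, not part of the original post: it walks the Received headers from the newest hop down and reports whether the first non-internal peer was the filtering gateway. The gateway and internal ranges, host names and sample messages are constructed placeholders, not real Sophos addresses.

```python
import ipaddress
import re
from email import message_from_string, policy

# Assumption: placeholder ranges (documentation/private space). Replace with
# the delivery IPs your gateway vendor publishes and your own internal subnets.
GATEWAY_NETS = [ipaddress.ip_network("198.51.100.0/24")]
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
IPV4 = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")

def peer_ip(received):
    """IP of the connecting peer: the first IPv4 in the 'from ...' clause."""
    from_part = re.split(r"\sby\s", received, maxsplit=1)[0]
    m = IPV4.search(from_part)
    try:
        return ipaddress.ip_address(m.group(1)) if m else None
    except ValueError:
        return None

def classify(raw):
    """Return (verdict, peer IP) for the hop that handed mail to our servers."""
    msg = message_from_string(raw, policy=policy.default)
    for hdr in msg.get_all("Received", []):  # newest hop is listed first
        ip = peer_ip(str(hdr))
        if ip is None or any(ip in n for n in INTERNAL_NETS):
            continue  # hop between our own servers, keep walking
        # First external peer decides; anything below it was written by the
        # sending side and can be forged, so stop here.
        if any(ip in n for n in GATEWAY_NETS):
            return "via-gateway", str(ip)
        return "bypassed-gateway", str(ip)
    return "no-external-hop", None

# Constructed sample messages (not captured traffic).
VIA_GATEWAY = "\n".join([
    "Received: from EXCH-FE.corp.example (10.0.0.5) by EXCH-MB.corp.example (10.0.0.6); Mon, 29 May 2023 09:00:02 -0700",
    "Received: from mx-out.gateway.example.net (198.51.100.25) by EXCH-FE.corp.example (10.0.0.5); Mon, 29 May 2023 09:00:01 -0700",
    "Received: from sender.example.org (203.0.113.7) by mx-in.gateway.example.net; Mon, 29 May 2023 09:00:00 -0700",
    "Subject: newsletter", "", "body", ""])
DIRECT_TO_EXCHANGE = "\n".join([
    "Received: from unknown (203.0.113.99) by EXCH-FE.corp.example (10.0.0.5); Mon, 29 May 2023 09:05:00 -0700",
    "Received: from mx-out.gateway.example.net (198.51.100.25) by relay.invalid; Mon, 29 May 2023 09:04:00 -0700",
    "Subject: junk", "", "body", ""])

if __name__ == "__main__":
    for name, raw in (("via gateway", VIA_GATEWAY), ("direct", DIRECT_TO_EXCHANGE)):
        print(name, classify(raw))
```

The second sample carries a gateway-looking Received line below the real first hop; it is ignored because only the header stamped by the receiving server is trusted.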