Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Inbound allow list bypassing all security checks?

We use MailChimp to send comms to our business and Sophos Email Gateway blocks messages from it with reasoning "Bulk".

Mailchimp uses our Domain name as an envelop, so we whitelist the address "comms@domainname.com" to allow messages to be delivered.

However if I understand it correctly adding sender in inbound allow list means it will skip all security checks (including SPF/DKIM/DMARC) which means this particular address "comms@domainname.com" can easily be spoofed now?

If that's right then is there a way to customize what checks to skip (Bulk in this case) and what to leave in place?



Added tags
[edited by: Raphael Alganes at 3:17 AM (GMT -7) on 7 Jun 2023]
Parents
  • After contacting Sophos support the only option for this seems to be is to Enforce Sender Authentication in "Inbound Allow/Block" settings.

    It means the inbound filters will be bypassed only if the messages from this sender pass at least one form of DNS authentication (DMARC,SPF or DKIM).

Reply
  • After contacting Sophos support the only option for this seems to be is to Enforce Sender Authentication in "Inbound Allow/Block" settings.

    It means the inbound filters will be bypassed only if the messages from this sender pass at least one form of DNS authentication (DMARC,SPF or DKIM).

Children
No Data