3CX DLL-Sideloading attack: What you need to know
I have outbound emails filtered through Sophos and in the outbound gateway I have the ip of the firewall. The client can send emails out normally using outlook. The issue is when we have a mailbox set up to forward mail to a contact through the recipient / mail flow in the exchange admin center the email gets rejected by Sophos.
This is not an issue with the exchange server as it used to work when filtered through Reflexion. The minute we moved to Sophos Email it started to block any forwarded messages. Any help would be appreciated.
Thanks!
Hi all,
We found some information, which we cannot test, but seems like, Microsoft did some changes in On premise Exchange. Feel free to test it and report back, if this solves your problem.
https://techcommunity.microsoft.com/t5/exchange-team-blog/sender-rewriting-scheme-upcoming-changes/ba-p/2632829
We are further consolidating our rewriting for message forwarding. Not all forwarded messages are rewritten using SRS today. Messages forwarded with SMTP or mailbox forwarding have their P1 Mail From address replaced with the forwarding mailbox address. This will change to using SRS rewriting instead.
This is a behavior change that may result in some disruptions. For one, SRS does not rewrite messages destined for on-premises while the current rewriting process does. This could cause forwarded messages sent to or via on-premises to be rejected by the final recipient or a filtering device along the way. The setting in #1 has been provided to fix this gap and allow messages to still be rewritten after this change in behavior. Update: we will share more information when we start rolling out the change. Our recommendation is that customers routing messages to the Internet via their on-premises servers should proactively enable the new setting on their connectors. You can find out more about SRS here.
__________________________________________________________________________________________________________________