Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 9 replies
  • Answers 2 answers
  • Subscribers 18 subscribers
  • Views 7907 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allow/Block sender Authentication improvement request

Dan Marko

there are four columns in the Allow/Block page [Action, Address/domain/ip address, Created on and Sender authentication ]. It would be useful to know if  an allowed address fails the sender authentication check. When a client asks us to allow an address we do not have time to test to see if the address the client requested us to allow passes the sender authentication check before adding to the allow list. If you could add column or two to the screen. Number of messages that failed sender authentication in the last 30 days.  Number of messages that passed sender authentication in the last 30 days.   The idea is if there are messages failing we can contact the sender t oget them to increase their security and once they are passing the authentication check we can enable it.



This thread was automatically locked due to age.
Parents
  • +1

    We do provide a report for Message Authentication failures. Up to 365 day view of this can be filtered and on the main dashboard as well. See last screen shot for the column for Auth failure with hyperlink that takes you to the Message History for each of the messages. Note it is also export enabled. I applaud your effort to contact senders to fix their message authentication and hope you have lots of success getting that done. Many people simply don't understand DMARC, SPF, DKIM.

Reply
  • +1

    We do provide a report for Message Authentication failures. Up to 365 day view of this can be filtered and on the main dashboard as well. See last screen shot for the column for Auth failure with hyperlink that takes you to the Message History for each of the messages. Note it is also export enabled. I applaud your effort to contact senders to fix their message authentication and hope you have lots of success getting that done. Many people simply don't understand DMARC, SPF, DKIM.

Children
  • 0 in reply to Tom Foucha

    The report you suggested lacks enough detail to action on. If I know which items failed sender authentication then I can action them. If a allow list entry with sender authentication enabled fails the email is not delivered. I can then ask the recipient if it was an important email and either remove sender authentication or ask the sender to improve their environment. If an allow list entry where sender authentication is disabled fails  sender authentication then I can ask the sender to improve their environment. If an allow list entry where sender authentication is disabled has not fails sender authentication for a few months. I would be able to ask the recipient if we can enable sender authentication. 

    Email Gateway - Inbound Allow/Block --- sender authentication

      1. sender authentication seems like a great idea but I would like more information so that I can migrate allow list account to allow list accounts with sender authentication.
      2. Currently we add allow list accounts and when we almost never add the sender authentication.
    1. Because when the client asks us to allow they have already missed a few email from a customer or vender and they just want it to work.
      1. I want to print a report of the status of allow list.
    1. Email address , sender authentication (on or off) ,number of emails that failed sender authentication in the last 30 days, number of emails sent to that email address. How many of the messages would have been blocked If they would have been flagged as spam.
          1. This would allow us to get venders or customers to improve their environments and that would allow us to remove them from the allow list. Or to enable sender authentication.

     

     

  • 0 in reply to Dan Marko

    The report is clickable and takes you to message history which provides all the detailed information you would need to discover sender/receiver which is all that is required to add to an allow/block list. We even give you the option from the message details window to add the user or domain to a blocklist by clicking a button. In addition there is a category filter in Message History search that will show you which messages failed authentication.

    In regards to printing end user allowlist/blocklist that is a feature that is coming in late June of 2023. Admins will have access to edit individual user allowlist and blocklists as well as export/import.

Unfiltered HTML