Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos email filter blocking certain email attachments, unable to allow through

I currently am trying to allow a URL attached to an email through the filter that is set in my Sophos Central application.  Does anyone have any ideas of where to Allow certain attachments or URLs written in an email? The URL being blocked is the domain creator.zohopublic.com. I am leaving out part of the full URL for security reasons.  I have added the domain creator.zohopublic.com with multiple wildcard (*) placements to the Allow/Block list in Sophos Central, to no avail. 

On a side note: the creator.zohopublic.com domain may have an outdated SPF record, but I am not positive about that. 

Any help is greatly appreciated. 



This thread was automatically locked due to age.
Parents
  • Hello Matt

    Good day and thanks for reaching out to Sophos Community

    Does the said domain's DMARC and DKIM also outdated? If you suspect all of their DNS checks - DMARC, DKIM, SPF records are outdated or they only use one check which is SPF and could be outdated as well. Could you uncheck setting "Enforce Sender Authentication" on the Inbound Allow/Block and see if email would pass through? 

    Many thanks for your time and patience and thank you for choosing Sophos

    Cheers,

    Raphael Alganes
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

Reply
  • Hello Matt

    Good day and thanks for reaching out to Sophos Community

    Does the said domain's DMARC and DKIM also outdated? If you suspect all of their DNS checks - DMARC, DKIM, SPF records are outdated or they only use one check which is SPF and could be outdated as well. Could you uncheck setting "Enforce Sender Authentication" on the Inbound Allow/Block and see if email would pass through? 

    Many thanks for your time and patience and thank you for choosing Sophos

    Cheers,

    Raphael Alganes
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

Children