Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

Discussions Ventral Email - Plan text email with suspicious url send to large no of recipients not quarantined

Sophos Email requires membership for participation - click to join

Thread Info

State Verified Answer
Locked Locked
Replies 2 replies
Subscribers 16 subscribers
Views 3508 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Ventral Email - Plan text email with suspicious url send to large no of recipients not quarantined

Fred_B 11 months ago

We are receiving spam e-mail with a suspicious url from gmail and outlook accounts with a large number of TO recipient adresses (>300).

There is no smart banner added as it is a plain text e-mail. Content-Type: text/plain;

There is a plain text url present which ClickProtection recognises and rewrites to a Sophos clickable url.

Doesn't Sophos quarantine by default e-mails send to large numbers of email adresses? Is there a way to block it?

TIA,

Fred

This thread was automatically locked due to age.

Top Replies

emmosophos 11 months ago +1 verified

Hello Fred, Thank you for contacting the Sophos Community. Do all the recipients belong to the same domain? Or several different domains? As far as I know, no, it doesn't unless the email falls in…

+1 emmosophos 11 months ago

Hello Fred,

Thank you for contacting the Sophos Community.

Do all the recipients belong to the same domain? Or several different domains?

As far as I know, no, it doesn't unless the email falls in the bulk category.

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up +1 Vote Down

Cancel
0 Fred_B 10 months ago in reply to emmosophos

Hi Emmanuel,

All recipients belong to different domains. So IMO it should've been quarantined under the Bulk category. I reported the messages when received to Sophos and we are no longer seeing them.

Regards.

Fred
Cancel
Vote Up 0 Vote Down

Cancel