Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Header Anomaly - two different mailserver - same domain

is there a way to verify a 2nd mailserver as trusted without getting header anomaly triggered?

We got an external mail service (Amazon SES) for sending mail batches for newsletter etc.
Some of those mails will be send towards internal which tiggers a header anomaly in sophos central caused by the same domain and two different mailservers.

Our goal is that we wanna harden our mail base policy and send these mails header anomaly into quarantine.

Internal Mailserver: @abc123.com
External Mailserver: newsletter@abc123.com

We configured DKIM aswell but it won't get rid of header anomaly internally.

Any ideas how to solve or improve our settings?

Thanks for your input



This thread was automatically locked due to age.
Parents
  • I still wonder why this doesn't work with a new policy on top which allows certain mails and should tag them instead of moving them into quarantine.
    Always the base policy which is at the bottom (and both policies are enforced) is taking the action.. instead of policy 1

Reply
  • I still wonder why this doesn't work with a new policy on top which allows certain mails and should tag them instead of moving them into quarantine.
    Always the base policy which is at the bottom (and both policies are enforced) is taking the action.. instead of policy 1

Children
No Data