Hi everyone,I am setting up a separate thread as I did not receive any specific reply in other threads.
The case concerns Sophos Anti-Spam Interface after upgrading from v18.5MR2 to v18.5MR3 and from v19EAP1 to v19EAP2.
Before updating, antispam works great in legacy mode, detects a lot of intrusive messages and tags with a prefix (near 99%). After updating, only some messages are detected as spam and tagged (I did not do any changes in configuration).
What it comes from? How can I edit my lists to achieve pre-update spam detection?
Greetings
Just to update this thread, RE: NC-90702, development will include a fix in SFOS 18.5 MR4 and 19.0 MR1.
Do you use Legacy for a specific reason? Maybe because you have a external Email mailbox?
__________________________________________________________________________________________________________________
Yes, I don't have an internal mail server. All mailboxes are out of my network. Using MS Outlook.
Before update:
After update:
Hi, have the same problem after update to mr3, i have the mta module, did not change anything. Obvious spam getting through.
Log:
2022-03-26 22:36:27Emailusergpid="0" messageid="18035" log_type="Anti-Spam" log_component="SMTP" log_subtype="Allowed" status="" fw_rule_id="1" user="" policy_name="None" sender="smartcam@advertisecopy.co" recipient="bart@hbvdh.nl" subject="The Tiny, Discreet, Extra small size Video Recorder!" message_id="1nYE5D-0005Iq-FF-1648330587" email_size="10344" action="QUEUED" reason="Email has been accepted by Device and queued for scanning." host="advertisecopy.co" domain="" src_ip="212.45.32.236" src_country="NLD" dst_ip="" dst_country="" protocol="TCP" src_port="35782" dst_port="0" bytes_sent="0" bytes_received="0" quarantine_reason="Other" src_zone="WAN" dst_zone="" app_name=""
Bart van der Horst
Sophos XG v18(.5) / v19 Certified Architecthttps://www.bpaz.nl
Hello,
the Problem is no Sophos AntiSpam Interface Pattern-Updates.
Could be a potential issue with the pattern. Please check the Up2Date log on the firewall itself, if you see a firmware update issue with pattern.
UTM did this movement towards SASI and we found an issue in UTM.
https://support.sophos.com/support/s/article/KB-000042345?language=en_US
Could be potentially the same issue, could you please verify, if you see the same issue on your SFOS Appliance?
Hi LuCar,
I tried the instructions in the link you provided. The sasi.log does not exist on my XG115W, though the XG115W does show it has the SSSE3 feature.
Ian
XG115W - v19 GA - Home
1225v5 6gb ram, SSID, 4 NICs 20w - v19 EAP - on holiday.
If a post solves your question please use the 'Verify Answer' button.
Hi, I must check it, have SG115w rev.2. In my system SASI download and install patterns to v. 1.208.
MiNe is sitting on that version from 5 days ago.
There should be a SASI.log. https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Logs/LogFileDetails/index.html