Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +4 person also asked this people also asked this
  • Locked Locked
  • Replies 117 replies
  • Answers 2 answers
  • Subscribers 56 subscribers
  • Views 26047 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[SFOS 18.5MR3] Poor spam detection after update to Sophos Anti-Spam Interface

darnoK

Hi everyone,
I am setting up a separate thread as I did not receive any specific reply in other threads.

The case concerns Sophos Anti-Spam Interface after upgrading from v18.5MR2 to v18.5MR3 and from v19EAP1 to v19EAP2.

Before updating, antispam works great in legacy mode, detects a lot of intrusive messages and tags with a prefix (near 99%). After updating, only some messages are detected as spam and tagged (I did not do any changes in configuration).

What it comes from? How can I edit my lists to achieve pre-update spam detection?

Greetings



This thread was automatically locked due to age.
Parents
  • 0

    I am curious.

    Are only Home Users seeing this issue? Because it looks like, only Home Appliance are affected by this potential issue. Or does somebody with a Appliance (SG/XG/XGS) have the same issue? 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    I am a Home User, setup SFOS in MTA mode.
    I do not experience more spam coming through then before the upgrade to 18.5 MR3.

    Behind the XG is a mailserver with a second line of spam defence, that doesn't show an increase in activity either.

     
    SFVH (SFOS 20.0.0 GA-Build222) - Last (re)boot on November 6th  2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]
  • 0 in reply to Peter-Paul Gras

    Same here, but what I noticed is I don't get any confirmed spam in quarantine anymore, and probable spam is not tagged with [SPAM]. Seems those mails are not processed by spam engine and go straight through to my mail server.
    What works is the RDNS and RBL checks.

  • 0 in reply to EdmundSackbauer

    Ok it seems its now working for me. It seems Antispam service was not running properly. Monitoring was not complaining and under "System Services" it was shown as "Running". I tried to stop it, but I got an error.

    The solution: Restarted my firewall, and turned off and on the Antispam function in my SMTP policy. Since then spam is properly sent to quarantine or tagged with [SPAM] again.

  • 0 in reply to EdmundSackbauer

    I confirm this solution. It's a temporary solution, but it works. Stop SPAM rule, stop SASI service, start SASI and start SPAM rule. Working sice yesterday. E-mails are tagged properly. It works also in v19EAP2.

  • 0 in reply to darnoK

    And unfortunately stops working :/

Reply Children
Unfiltered HTML