Hi folks,
a question about decrypt and scan that has me puzzled for sometime.
The users have the XG certificate installed and functioning correctly except for Apple sites.
I have web policies blocking advertisements and use the XG proxy, this functions…
Have already been referred here:
https://doc.sophos.com/nsg/sophos-firewall/19.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/GeneralSettings/index.html#smtp-settings
I wonder if any of you guys can share with me what and why your settings…
Hello,
We use the Web Server Protection of Sophos XG Firewall and have now reached almost 60 WAF rules. This is also the maximum number of WAF rules. Is it possible to combine several URLs in one WAF rule and route them to different servers?
WAF rule…
Hi folks,
I am trying to identify which web policy is identified on the logviewer reports causing traffic to be blocked.
So far the reports have shown policies numbered 1, 2 and 13. The issue being I don't have 13 web policies and policies 1 and 2…
Hello everyone,
I have the following question. We have a customer with an XGS 3100 with version 19.5.3. The Sophos serves as a mail gateway/relay and is connected to Sandstorm. Now the question was whether Sophos can also check web links within incoming…
Hello,
as the shared mailboxes that we use almost exclusively cannot use the mail quarantine, we have not been using mail quarantine since the switch to SFOS. Recently, however, important messages have been ending up in quarantine again due to an allegedly…
I can only see "Reject" events in the GUI when going to Email -> Mail logs.
I do not find them anywhere in any of the built-in logs and they are also not sent as audit logs. The other SMTP Anti-spam events "Dropped" and "Delivered" are both logged in…
Hi,
I am prepairing configuration to use XGS as MTA and I have some questions which I don't find answers to.
Current situation:
External MX and MAIL-out server are used, Exchange is set up locally.
We have /24 public IPs on that site and only…
Good day,
our Sophos XG330 acts as an MTA in our network. We have an on-premise Exchange server for whose domain we have created an SMTP policy in the Sophos email settings. This is working very well so far. Now we have to enable our users to integrate…
Hi all, When AV or other protection features are enabled, we keep running into various problems while uploading large files. Sometimes the disk space (Temp=100%) seems to be the cause, sometimes other internal buffers. We have the requirement to allow…
Hi,
Outlook translator feature isn't working; I received this error, as seen in the below photo, and was unable to find out how to allow the traffic for the Outlook translator tool As I add my IP address to any destination + any port. The translation…
Hello everyone, Recently i noticed a bunch of tickets regarding the following.
i want to go on facebook, but facebook is blocked.
instead of the blocked page i get Error code: SEC_ERROR_UNKNOWN_ISSUER(firefox) or NET::ERR_CERT_AUTHORITY_INVALID…
Hello,
I delete the MTA SMTP default rule, cause it seems to do to much. How is this rule used?
How do I get it back? MTA Switch to Legacy and back? Config stays at it is?
Thanks Sven
We disabled legacy TLS protocols and some of the legacy vulnerability did get mitigated. But we still have TLS1.1 vulnerabilities as per our vulnerability assessment tool. Is Sophos planning on removing TLS1.1 support from SMTL TLS config setting? what…
Hi,
I have a WAF rule configured for path-specific routing, however, the routes I am specifying are all to the same target web server, but with different restrictions.
e.g.
/ - restricted to specific IP ranges, target sevrer1 /myapp/ - not restricted…
We use Sophos Firewall as EMail Protection for incoming Mails.
Firmware: SFOS 19.5.3 MR-3-Build652
SMTP deployment mode: Device acts as a Mail Transfer Agent (MTA)
DKIM Settings:
DKIM is set to accept, some mails will be quarantined by DKIM verification…
I am not sure which settings is causing it, but i have hard time finding anything usefull about it.
On my network only https is allowed, now we got arduino boards which sadly downloads over the app their zips(firmware) over http (without the S ..…
I need to add the TLS exclusions for allowing Office365 updates through because the Web Protection module is blocking them - I can update my Office365 apps fine without the protection as this has been tested successfully.
My firewall is XGS87 running…
XGS Firewall, WAF rules has 10 listed domains.
What is the sort order based on for these domains?
Whenever we delete one from say position 5, add a few new ones, then add the number 5 one again (we have saved and reopened the rule multiple times)…
Situation.
We have a WAF rule with several test sites in the domains list. Example below.
test1.testurl.com
test2.testurl.com
test3.testurl.com
test4.testurl.com
These all point to one IIS. On the IIS these are all separate sites.
When we…
I found some old posts (>2y ago) about the XG WAF module not supporting MFA authentication for a webservice.
Has this changed since? We want to use MFA before using on-prem Exchange OWA.
Many internal users already have an Sophos MFA token and it…
Hi
Our Sophos XG acutally moves much mails to quarantine which are not spam. For me, it looks like most of them are sent by automated mailsystems (a lot of them are invoices from partners, sent automatically to our invoice-Mailbox)
The big Problem…
Dealing with a strange issue where the FW appears to be trying to decrypt a site even though the setting is OFF. Is there another policy that would be impacting this (or producing this sort of error)?