Hi Community contributors,
Starting with Sophos Firewall v19, with the addition of many comprehensive logging enhancements in the GUI, and in line with industry best practices, access to the Advanced Shell is restricted to licensed commercial versions of the product.
Partners and certified architect engineers have an option with a Not-for-Resale license to set up labs or customer PoCs with unrestricted Advanced Shell. Also, Sophos Support is able to access the Advanced Shell via the support access channel. Hence, in case of critical issues, support can still access it.
Sophos Firewall has been incrementally improved since v18 with comprehensive logging enhancements in the GUI (better search, filtering, configurations, SD-WAN logs, VPN logs, gateway logs, etc.). However, we acknowledge that the Advanced Shell restriction might have created challenges in certain database-related configurations, especially for home users.
Please help us understand the specific examples of challenges you face due to this restriction - configurations where GUI and console tools are reaching their limits. We will suggest a possible workaround for the specific scenario. We will also plan and gradually improve the product for those scenarios.
Sincerely,
Sophos Firewall Product Team
Due to your passionate feedback, we are adding the Advanced Shell access back into SFOS v19 GA.
We greatly appreciate your feedback and are listening. Thank you very much for…
As for v18.5 and mail protection: you get absolutely no information why mails get dropped. The only info you get is "Mail has been dropped by policy <Policy name>". With the advanced shell you can at least review the logs and see what's going on. I don't know if this is still the case with v19 though.
You should be able to see the actual reason for the drop (SMTP log) on mouse-over:
Did anything change in v19 in this matter? With 18.5 I only see this:
Is this a transparent SMTP scan engine or an MTA?
Never used transparent proxy mode so yeah, it's configured as MTA.
Dropped by policy basically means the spam engine did drop it. You can refer to this on the CLI, if you like. But we will pick this up, why the dropping does not contain the SMTP context.
No, it does not! "Dropped by policy" basically means that any security feature that is enabled inside the SMTP policy might have caused the mail to be rejected. It might as well be Data protection or malware protection. I have tested this. This error that is being returned doesn't say anything about the actual reason, rendering it almost useless. Please do your research, you should know that.
Odd. The MTA in fact does this. Not the transparent SMTP scanning.