Browse By Tags

  • All email in Mail spool failed with "no route to host" using O365 as smarthost in MTA mode

    Hi everyone! In my home lab running Sophos XG Home I've configured Email running as MTA using O365 as smarthost. (I'm using the MX endpoint as smarthost FQDN per this description ). This setup has worked for years, somehow it broke and I'm unable to…
  • 2 questions with MTA mode email protection

    Hi All, I have 2 questions with MTA mode email protection. Inbound email protection need SMTP route & scan policy to route incoming mails to the internal mail server. And outbound email protection need SMTP route & scan policy to encrypt mail with…
  • Disabling TLS 1.1 within SMTP TLS configuration

    Hi, We've a XG230 running SFOS 18.5.2 MR-2-Build380 During a recent external pen test it's been reported our externally available SMTP service is supporting TLS 1.1 which is a risk because Numerous vulnerabilities have been found in TLS Version 1…
  • TLS erzwingen beim E-Mail Versand/Empfang

    Hallo, auf einem UTM-Cluster (v9.708-6) habe ich unter "Email Protection" ==> "SMTP" ==> "Advanced" ==> "TLS Settings" das Zertifikat (Commodo) hinterlegt und "TLS version" auf 1.2 gesetzt. Funktioniert alles ganz normal, E-Mails werden TLS-verschlüsselt…
  • Sophos XG Home with mailbox.org / smtps / imaps - sending, receiving and scanning

    Hello there, first of all, let me short introduce myself: i am a sophos XG Home User since the weekend. I believe the Sophos XG is a fine solution for every home user. i even would pay for it, even for support. i am using a simple micro-system with…
  • MTA Backup Mail Server to Internal Email Server over RED Tunnel

    I have had a site-site VPN link to/from my inlaws for simple NAS backups and running backup email MTA for about 5 years now. both XG firewalls have just been updated to SFVH (SFOS 18.5.2 MR-2-Build380), however since the update the SSL Site-Site VPN…
  • Close port 25 for MTA

    I've got a customer with an XG310 firmware 18.5.1. They have the MTA fully in use but they like to have there mail delivered on port 587. So i changed the auto added firewall rule, and that is working well. Mail is coming from there antispam provider…
  • Customize Quarantine Digest -> Release link : Customize Link and redirekt to the User Portal

    Hello, since Sophos changed the behavior of the Quarantine Digest, in every new major release (17.0,17.5,18.0,18.5), the release link redirects to a static webpage complaining that the user should visit the user portal. Can this be changed, so that…
  • RBLCheck maybe not working

    Hi, i have many spams on my utm and it goes through the utm. I don't know if the rbl check is working proparly. is there a possiblity to check this? And i know the question is often written, but what are the best RBLs for dyn-dns-email-server? Yeah…
  • Mailscanner process uses 100% CPU (stuck emails in spool)

    Hello, We use a Sophox XG210 with firmware SFOS 18.5.1 MR-1-Build326 (no update available when checked) For a week now I have regular warnings from Sophos Central that our CPU is pegged at 100% I have 3 mails stuck in spool that I am unable…
  • Problem with SPF; some mails not blocked; only Return-Path checked and not From-Field?

    It looks like SPF check is working only on the return-path. Proved by: I can see external messages in the email log, which a blocked via spf (faking our domain as sender). However, there are other messages, which have our domain in the from field (mail…
  • Sophos XG - delete all quarantined file

    Hello, I can't see a soulution in https://community.sophos.com/sophos-xg-firewall/f/discussions/129765/sophos-xg---delete-all-quarantined-file/476812#476812 We also have so much mails to delete. To show only 20 per page and delete them, will…
  • any way to monitor sophos xgs mailspool length ?

    Hello, is there a way to monitor xgs mailspool externaly for using in checkmk or nagios or similar ? i checked the web api, but there is nothing for displaying stats , seems to be only for setting things https://docs.sophos.com/nsg/sophos-firewall…
  • Sophos Email Gateway delivery to XG hiccup this morning?

    This morning around 7:50 our XG started logging: system " Failed to send firewall information from device to CM" and around this time the XG stopped receiving and delivering e-mail from and to Sophos Email Gateway. And log: SYSTEM 2021-11-22 08:48…
  • Sophos xg 86 17.5 email protection,legacy mode

    HI, I'm trying to set up email protection, but I don't know where to activate the smtp scan When adding a new rule, I can't find an option to activate the smtp scan.
  • POP3Proxy Connection to remote server failed: USER failed on remote server: -ERR Unsupported authentication type

    Hi I have configured email protection on Sophos UTM and I want to connect the email account to Microsoft Outlook. When I make the pop settings on Microsoft Outlook, it gives a password error and the Sophos side log is as follows: pop3proxy[20426]…
  • Exchange IMAP

    HI All My exchange server works fine in version 17 and I upgrade to V18 and I couldn't send or receive email from outside my network. what would be the possible problem and how can I solve it
  • Mail being rejected after evaluated as sender being blacklisted

    Since yesterday (10-21-2021) i've noticed that a lot of emails, that used to pass, are being rejcted based on the evaluation that the senders ip has been blacklisted. Has anyone else have the same experience? SFOS 18.5.1 MR-1-Build326 Device acts as…
  • Firewall and NAT Policies for Internal Mail Server

    Hi, In our network infra we have 2 ISP configured on 2 interfaces of XG-210. Our Web Server and Mail Server is hosted in LAN Zone and the mail server is natted with WAN 2 IP address. The websites works fine but we are unable to sned or receive any…
  • Options for replacing an XG SFOS 18.5.1 with something that can send email reliably?

    I'm reaching the end of my ability to deal with my XG firewall. Came from a working UTM that expired. The XG just cannot/will not reliably relay email from internal servers to the internet. Messages keep hanging and Sophos tech support keeps deleting…
  • Sophos XG Email Protections - high amount of false positive Blacklist

    we are currently seeing high amounts of false positive blacklist hits, although none of the IPs is actually blacklisted. SFOS 18.0.4 MR-4 here are a few examples, of IPs which not blacklisted but got rejected. 194.56.219.38 194.56.219.33 …
  • Notification emails being blocked by antispam sender blacklist

    Hi, We have our email servers hosted internally, so a recommendation to stop email spoofing is to reject any external incoming email with our email domain as a sender. So I setup an antispam sender blacklist blocking all emails supposedly from our domain…
  • Sophos XG und Spamhaus DROP List

    Hallo zusammen, wir haben bei der Präsentation einer OPNsense Firewall gesehen, das hier dynamische IP Blockierlisten von bekannten Schadservern eingebunden werden können und so der Zugriff auf diese IPs verboten ist. Kann die Spamhaus DROP Liste (…
  • SOPHOS XG is sending Junk/Spam email out

    i have XG125 (SFOS 18.5.1 MR-1-Build326), it is configured in MTA mode. email server is placed in LAN. from last four days i am continously seeing in sophos in logs that someone who is not from my domain is as sender and recepient is also random, in mail…
  • XG Email Block TLD

    Is there a way to block a TLD in email protection? For example I used "*@*.ru" in our UTM under Blacklisted Address Patterns, but do not see where to do this in XG. Thanks.