Hi team, we are using a Sophos XGS firewall to protect our mail server. The firewall is running in MTA mode and has a (free Letsencrypt) certificate installed which is periodically updated and currently still valid. One of our partners requires us…

Its possible to create regular expression on sophos xgs? i remember sophos utm 9 we can create regular expression on antispam mail protecction but i dont foud this option on xg and xgs its possible to create? maybe CLI? i need for block by subject mail…

Hello i have a XGS136 (SFOS 19.5.2 MR-2-Build624) and we need for a Cyberpolice to disable TLS 1.1 for MTA SMTP on the sophos I heard there is a workaround ? NC-77151 ?? thx Andy

Hi, When test using sophos email appliance When test enable Email in Firewall MTA Mode Anyone encounter this? How to set in firewall to get result same as sophos email appliance?

Hi, I need help to migrate my SEA and use Sophos XG FIrewall Email Protection as replacement. Current Setting Inbound: Internet (SEA WAN IP 222.2.3.69) -> SEA (in DMZ 172.16.1.3) -> Exchange Server (in LAN 192.168.1.1) Outbound Exchange Server…

My mail server is behind the firewall. I tried to set up the authenticated relay, but it looks like this feature doesn't work. Is it possible to do this without IP host? What to do if my external mail client has a dynamic IP and I cannot bind to it. What…

Is there a way that I can only send emails from my domain? block all other domains so that users can only send emails through the company email?

Hello, how do you setup Qurantine Reports and Release for group mails. There is a group mail invoice@customer.de . How do the User get the report and release the mail? Sven

Apparently no DKIM signature is attached to the outgoing emails. The keys were generated using OpenSSL (openssl genrsa -out private.pem 1024). SFOS acts as MTA. This is usually not great rocket science. Is there currently a known problem? There is already…

I have the oddest problem with my XG firewall. Everything works fine, with the exception of the MTA passing mail to the backend server. MTA internal IP is 192.168.128.1 - Mail Internal IP is 192.168.128.12 The problem. Mail is stuck in the mail spool…

Hello, I need to change target port to internl exchange server to port 5252. MTA mode uses port 25 as normal. Cause of reicipent filter with callout needed, this is not working on smtp port 25, cause of exchange implementation. This have to setup…

Good Day, What is the submission rate on Sophos XGS2300 when SMTP DoS is disabled? Kind Regards,

After a recent update, we are getting lots of false positives so we're trying to add known domains to the Exceptions to bypass Spam filtering. As an example if we add a domain "*@gmail.com" , even though the documentation says this should work, it…

Hello, We are having a problem with our outbound email getting marked as spam when going to office365 (and outlook.com). We host our email internally and have implemented SPF, DKIM, and DMARC. When emailing other companies we email we pass SPF, DKIM…

Hi, i want to block incoming (phishing) mail. I enabled mta and all is working fine. I use a XG 19.5.1, i created a SMTP route & scan policy. I added my domain.de I enabled SPAM protection and selected Reject based on SPF. Now i use an external…

Hi, how to make an exception for BULK mails? It isn't listed under "Skip these checks". Regards

Hi guys, we have problems with SMTP File protection and S/MIME mails. File protection is active and configured with Block file types "ALL". MIME white list is configured. Now, external S/MIME encrypted Mails are getting filterd: ontent-Type: text…

Hi Guys, since yesterday we suddenly have a massive false-positive detection of probable spam in SMTP Spam Protection. We are on SFOS 19.5.1 MR-1-Build278 (XGS3300), no config changes a few days. We never had a problem with config "Probable Spam…

Has the feature been enabled or do we have a date when it might be possible? Email name spoofing is a huge problem and we have all the dkim and spf records in place but they mean nothing if the email filter is not helping with this Also, TLD…

hi, i have XGS2100 ver 19.5 , from last few days facing issue that inbound emails are being rejected. when i see in mail spool then mail is shown as rejected with following msg. R=static_route_hostlist T=static_smtp defer (110): connection timed out…

Hello, In the UTM world I was able to set up the UTM to relay all outbound email through it before going out. Likewise, I was able to set it up to scan and mark all incoming mail for AV and SPAM and store for release by user via a weekly digest email…

Hi communiy, after a failed update of avira antivirus pattern last monday incoming mails remained with status error in mail spool: We have fixed the pattern issue by starting the update manually, but the mails remains in mail spool -> Error. We…

Hello, since 2 weeks something is wrong with my email filter. Many email adresses are wrong, but I know that they are right and I know that these emails are no spam. When I open the email, I can see the real email adress (e.g. newsletter@XXX.com ).…

My specific problem now is I can't get the MTA mode and alias IP addresses to work. Tried following the instructions in and https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/122602/sophos-xg-how-to-setup-mta-mode-when-you-have-multiple…

SOPHOS FIREWALL NOT SCANNING "MAPI" EMAILS