Hi,
I am prepairing configuration to use XGS as MTA and I have some questions which I don't find answers to.
Current situation:
External MX and MAIL-out server are used, Exchange is set up locally.
We have /24 public IPs on that site and only…
Good day,
our Sophos XG330 acts as an MTA in our network. We have an on-premise Exchange server for whose domain we have created an SMTP policy in the Sophos email settings. This is working very well so far. Now we have to enable our users to integrate…
Hi all, When AV or other protection features are enabled, we keep running into various problems while uploading large files. Sometimes the disk space (Temp=100%) seems to be the cause, sometimes other internal buffers. We have the requirement to allow…
Hi,
Outlook translator feature isn't working; I received this error, as seen in the below photo, and was unable to find out how to allow the traffic for the Outlook translator tool As I add my IP address to any destination + any port. The translation…
Hello everyone, Recently i noticed a bunch of tickets regarding the following.
i want to go on facebook, but facebook is blocked.
instead of the blocked page i get Error code: SEC_ERROR_UNKNOWN_ISSUER(firefox) or NET::ERR_CERT_AUTHORITY_INVALID…
Hello,
I delete the MTA SMTP default rule, cause it seems to do to much. How is this rule used?
How do I get it back? MTA Switch to Legacy and back? Config stays at it is?
Thanks Sven
We disabled legacy TLS protocols and some of the legacy vulnerability did get mitigated. But we still have TLS1.1 vulnerabilities as per our vulnerability assessment tool. Is Sophos planning on removing TLS1.1 support from SMTL TLS config setting? what…
Hi,
I have a WAF rule configured for path-specific routing, however, the routes I am specifying are all to the same target web server, but with different restrictions.
e.g.
/ - restricted to specific IP ranges, target sevrer1 /myapp/ - not restricted…
We use Sophos Firewall as EMail Protection for incoming Mails.
Firmware: SFOS 19.5.3 MR-3-Build652
SMTP deployment mode: Device acts as a Mail Transfer Agent (MTA)
DKIM Settings:
DKIM is set to accept, some mails will be quarantined by DKIM verification…
I am not sure which settings is causing it, but i have hard time finding anything usefull about it.
On my network only https is allowed, now we got arduino boards which sadly downloads over the app their zips(firmware) over http (without the S ..…
I need to add the TLS exclusions for allowing Office365 updates through because the Web Protection module is blocking them - I can update my Office365 apps fine without the protection as this has been tested successfully.
My firewall is XGS87 running…
XGS Firewall, WAF rules has 10 listed domains.
What is the sort order based on for these domains?
Whenever we delete one from say position 5, add a few new ones, then add the number 5 one again (we have saved and reopened the rule multiple times)…
Situation.
We have a WAF rule with several test sites in the domains list. Example below.
test1.testurl.com
test2.testurl.com
test3.testurl.com
test4.testurl.com
These all point to one IIS. On the IIS these are all separate sites.
When we…
I found some old posts (>2y ago) about the XG WAF module not supporting MFA authentication for a webservice.
Has this changed since? We want to use MFA before using on-prem Exchange OWA.
Many internal users already have an Sophos MFA token and it…
Hi
Our Sophos XG acutally moves much mails to quarantine which are not spam. For me, it looks like most of them are sent by automated mailsystems (a lot of them are invoices from partners, sent automatically to our invoice-Mailbox)
The big Problem…
Dealing with a strange issue where the FW appears to be trying to decrypt a site even though the setting is OFF. Is there another policy that would be impacting this (or producing this sort of error)?
I've been wondering for a while, is there any way to check if the XG Sophos Firewall can provide access to YouTube for Schools rather than the general YouTube content?
We're implementing a QoS plan, and that includes cutting YouTube access off, but…
Over the last couple of weeks, we've been having an issue where a website that is whitelisted properly is getting miscategorized and being blocked as category none.
As you can see in the picture below, the URL that the Sophos Firewall is processing…
One of our customers is encountering the following DKIM issue. Emails from two suppliers are consistently being quarantined due to DKIM verification. The selectors are as follows:
s=strato-dkim-0003 c=relaxed/relaxed a=ed25519-sha256 b=512 s=strato…
Hi.
I am facing an issue with the Web Application Firewall.
I have several WAF rules configured, some using SSL and other are not. They point to a central web server. The domain name is used to differentiate each web app and that is forwarded on to…
Hello,
Yesterday we have upgraded a Sophos XGs cluster to firmware 19.5.3 MR3-build652 and we noticed that one of the 2 nodes was greylisting e-mails coming from addresses that have e-mailed this organization in the past. Once we failed the nodes over…
Hi Team,
I configured a DPI Rule, that should decyrpt SSL/TLS Traffic, but it actually doesn´t, despite Policytest says, it does.
Even if AV Scanning is active, the firewall does not block access to https://secure.eicar.org/eicar.com.txt . If…
We use a Sophos XGS87 (SFOS 19.5.3 MR-3-Build652) and we want to use POP3 Scanning in legacy mode.
In document ( https://doc.sophos.com/nsg/sophos-firewall/18.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/HowToArticles/EmailConfigurePOPIMAPScan…