This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9 (9.506-2) Data Protection - Content Control Lists not working

Hello,  I have Sophos UTM 9 set up with email protection for outbound email. Everything works but I cant get the Content Control List in the Data protection to block anything. I have it set up for SSN (USA).  I have an excel test with over the limit, which is 10,  there is 14 on there. When I send to external email, it allows it through.



This thread was automatically locked due to age.
  • Hi Todd and welcome to the UTM Community!

    Please show a picture of the spreadsheet content.  If you paste the content directly into an email, is it then seen?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello,

       See attached sheet for what I used. I did also paste this info into an email and it was not blocked.  Attached is also a list of the CCL's I have in place and settings.

      Doc10.docx

  • I suspect that that's not close to being a real list.  Trying with https://fakena.me/fake-social-security-number/...

    What happens with 574-18-8230, 221-70-8264, 518-37-2352, 650-46-1226, 402-94-7113, 523-64-9423, 518-54-9855, 499-62-2247, 048-92-4701, 576-22-5862, 347-02-6530?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Perfect,  That seemed to be it.  it did block it.  Quick question, How can I set it up to block it, if it hits the ccl's.  But automatically encrypt it if its less than the ccl allows, but still contains a SSN, CC etc..?

  • It's not that flexible, Todd.  The best you can do is use a 'Custom Expression' like SPX Secure in the Subject of the email to have the protection apply when a CCL wouldn't do so automatically.  Even then there's no dynamic selection criterion that would allow you to choose between encrypting and blocking.  If that level of granularity is important, you will want another tool like the Sophos Mail Appliance.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA