We have our email servers hosted internally, so a recommendation to stop email spoofing is to reject any external incoming email with our email domain as a sender. So I set up an antispam sender blacklist blocking all emails supposedly from our domain (*@domain.com). This though causes a few issues, one main one being that notification emails from the UTM to an email address on our domain are now blocked by the blacklist, and exceptions do not work (I know about this request https://ideas.sophos.com/forums/17359-sg-utm/suggestions/6996061-email-exceptions-to-anti-spam-sender-blacklist). I saw a workaround using a DNAT rule, but this doesn't work either as the source server is localhost (127.0.0.1) and I can't make a Network definition with that IP, unless there is a magic way of using that IP in a DNAT rule... which relies on the UTM being secure... which I hope it is...
Is there any way around this... or will I have to not use the blacklist filter...
Set up SPF, DKIM and also DMARC (DMARC based on SPF and DKIM) for your company domain and you are fine!
In any case, I would do what Jonas suggests.
In 'Notifications', you will want to change back to:
Cheers - Bob
This is the best solution for me, thanks. I have already got SPF, DKIM, DMARC on (thanks Jonas) so the blacklist is another level of protection (and so far I have not seen anyone try and spoof our domain in external emails, touch wood).
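
The SPF/DKIM/DMARC relationship mentioned in the thread ("DMARC based on SPF and DKIM"), as an added example that is not part of any post and is not Sophos UTM code: a message passes DMARC only if SPF or DKIM passes for a domain aligned with the visible From: domain. The sample results are constructed, `attacker.example` is a placeholder, and the two-label organizational-domain rule is a simplifying assumption.

```python
from dataclasses import dataclass


@dataclass
class AuthResult:
    header_from: str   # domain in the visible From: header
    spf_result: str    # "pass", "fail", "none", ...
    spf_domain: str    # envelope MAIL FROM domain that SPF evaluated
    dkim_result: str   # "pass", "fail", "none"
    dkim_domain: str   # d= domain of the DKIM signature ("" if unsigned)


def org_domain(domain: str) -> str:
    # Assumption: the last two labels are the organizational domain.
    # A real evaluator uses the Public Suffix List instead.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain: str, header_from: str, strict: bool) -> bool:
    a = auth_domain.lower().rstrip(".")
    h = header_from.lower().rstrip(".")
    if not a:
        return False
    # Strict alignment: exact match. Relaxed: same organizational domain.
    return a == h if strict else org_domain(a) == org_domain(h)


def dmarc_pass(r: AuthResult, aspf_strict=False, adkim_strict=False) -> bool:
    spf_ok = r.spf_result == "pass" and aligned(r.spf_domain, r.header_from, aspf_strict)
    dkim_ok = r.dkim_result == "pass" and aligned(r.dkim_domain, r.header_from, adkim_strict)
    return spf_ok or dkim_ok


# Constructed samples: authentication results as a receiving server might see them.
SAMPLES = {
    # Genuine mail from the company's own servers.
    "legit": AuthResult("domain.com", "pass", "domain.com", "pass", "domain.com"),
    # Spoofed From: header; SPF passes, but only for the sender's own envelope domain.
    "spoofed_from": AuthResult("domain.com", "pass", "attacker.example", "none", ""),
    # Forwarded mail: SPF breaks, DKIM signature from a subdomain survives.
    "forwarded": AuthResult("domain.com", "fail", "domain.com", "pass", "mail.domain.com"),
}


def evaluate_samples() -> dict:
    return {name: dmarc_pass(r) for name, r in SAMPLES.items()}


if __name__ == "__main__":
    for name, ok in evaluate_samples().items():
        print(f"{name}: DMARC {'pass' if ok else 'fail'}")
```
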