This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Notification emails being blocked by antispam sender blacklist

Hi,

We have our email servers hosted internally, so a recommendation to stop email spoofing is to reject any external incoming email with our email domain as a sender. So I setup an antispam sender blacklist blocking all emails supposedly from our domain (*@domain.com). This though causes a few issues, one main one being that notification emails  from the UTM to an email address on our domain are now blocked by the blacklist, and exceptions do not work (I know abut this request https://ideas.sophos.com/forums/17359-sg-utm/suggestions/6996061-email-exceptions-to-anti-spam-sender-blacklist). I saw a workaround using a DNAT rule, but this doesn't work either as the source server is localhost (127.0.0.1) and I can't make a Network definition with that IP, unless there is a magic way of using that IP in a DNAT rule.... which relies on the UTM being secure... which I hope it is...

Is there anyway around this... or will I have to not use the blacklist filter....

Regards

Damien



This thread was automatically locked due to age.
Parents
  • Hi Damien,

    In any case, I would do what Jonas suggests.

    In 'Notifications', you will want to change back to: 

         

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hi Damien,

    In any case, I would do what Jonas suggests.

    In 'Notifications', you will want to change back to: 

         

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Hi Bob,

    This is the best solution for me, thanks. I have already got SPF, DKIM, DMARC on  (thanks Jonas) so the blacklist is another level of protection (and so far I have not anyone seen to try and spoof our domain in external emails, touch wood).

    Regards
    Damien