Hi,
We are using Sophos UTM 9.204-20 and have the EMail Protection Module.
Mail generated using spoofing websites like from emkei.cz and deadfake.com is being allowed to pass through. I tried spoofing our own domain as well as another domain. It is always being allowed to pass through. We have everything switched on in AntiSpam (ie: RDNS, BATV, RBL, Greylisting, SPF check), and it still is being allowed to pass.
The only solution is to Blacklist the whole domain (ex: Blacklist emkei.cz), but I hardly call that a solution as I don't know every domain that can be used to spoof senders and spoofed mail can really come from anywhere.
Is there a way to block these? I would have thought that a RDNS check would have instantly blocked these, but somehow they are being allowed.
This thread was automatically locked due to age.
