This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is it possible to create an exception for the "Sender blacklist" ?

Hi,

because of a recent spam attack, one of my customers faced, I blocked their own Domain with the "Sender Blacklist" option. In general this works because the smtp-proxy does not block (probably because of the allowed relay settings) mails where the senderaddress is from the customers maildomain. The result is, that only mails from unknown hosts are blocked.

But in this case, the customer gets inbound emails from two other trusted mailsystems, that should be allowed to send mails with the customers domain. Because of this, I wanted to create an exception. But it seems, that this is not possible... I thought I can use a "antispam checking" exception for bypassing the sender blacklist....

Any ideas? What´s about the expression blocking? To what part of the mail is it applied? Can I use this to match the sender address or domain?



This thread was automatically locked due to age.
Parents
  • We do have SPF records configured for our domains but it won't block e-mail from other hosts.
    So we have set our own domain (*@ourdomain.nl) in the sender blacklist and need one trusted host to be able to send email from our domain to internal people.

    I have learned that an exception is not possible at this time but i have figured out a work-around:
    1) Create a NAT/Firewall rule for this trusted host and forward it to the mail server ie: Exchange Server
    2) On Exchange configure this trusted IP for relaying.
    This has worked for us as a workaround but the exeption feature would be helpful.
Reply
  • We do have SPF records configured for our domains but it won't block e-mail from other hosts.
    So we have set our own domain (*@ourdomain.nl) in the sender blacklist and need one trusted host to be able to send email from our domain to internal people.

    I have learned that an exception is not possible at this time but i have figured out a work-around:
    1) Create a NAT/Firewall rule for this trusted host and forward it to the mail server ie: Exchange Server
    2) On Exchange configure this trusted IP for relaying.
    This has worked for us as a workaround but the exeption feature would be helpful.
Children
  • Hi Patrick,

    did you configure the spf settings correctly and did you activate the spf check in the Antispam-->Advanced Antispam Features Settings? If this didn´t work propably you should open a support case....
  • Hi Roesch4alc,

    Yes we have correct SPF records for our e-mail domain. Also i saw many other people with the same feature request. I hope that Sophos will add an exception possibility for this security option.
    Because i have a workaround i posted it to this thread.

    Grtz Patrick
  • Ok, i think thats an unexpected behaviour then.... But I never used spf in general so far.

    I think that your workarround is not quite good, because you skip all the important antispam features from the utm... I think it would be better to simply add your trusted mailservers to the allowed host for relay. I think then you don´t need any NAT Rules and your utm would do all the mail checks again?!

    Regards
    Sebastian
  • Hi Sebastian,

    I have tried to set the trusted servers to allow them to relay but that does not work.
    E-mails are still getting blocked when i only set it te relay.
    I Agree that this workaround with the NAT rule is not a perfect sollution because we want te check spam / virusses but i did not find any other way to get it to work.

    Greetz, Patrick