This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allow email from adres but not all emails from a webservice.

Hello,

There is a company (example: x) that send email to us but they are put in to quarantine.

This is because they are using a webservice (amazones) as middle men.

Is there a way to allow the email to get past the quarantine without allowing all the email from amazones to get through but only the email send by example@x.com?

There are no emails being blacklisted.

Thank you in advance!

Roald

om?



This thread was automatically locked due to age.
Parents
  • Hi Roald,

     

    Yes, it should be possible under Email Protection -> SMTP ( unless you use profile mode, then look under the profile if its a localized setting or global setting ) -> Exceptions

    You can disable anti spam checks regardless of the mail server providing the mail, by disabling all the antispam check for emails with "these sender addresses" aka x@somewebservice.com

    It would be recommended to leave the antivirus active.

     

    Hope it helps

  • Hi Vels,

    Thank your for your quick reply.

    We already created an exception where we skip the antispam check :

    • *@somewebservice.com
    •  *@*amazonses.com

    This works fine but it is an OR rule so both are allowd through.

    I am looking for something where you need both to be allowd through.

    In your example your saying (allow these email from these host or server or these send to get trough). But wouldn't it just allow everything from both email adressen to come through?

    I was thinking but isn't it possible to create a regex based on the header of an email with =? function to create an "AND exception"?

    So (.*@*amazonses.com ?=.*@somewebservice.com).

    Or is it not possible to create a regex on information used in the header of an email?

    Thanks again for the reply!

  • Hi Roald,

    To my knowledge it's not possible

    You are right - it is kind of limited only to have "OR" options and not a "AND" option, so it is correct that just allowing *@somewebservice.com will let everything get thru with that sender address in the header, also opening from the entire amazon IP host range will allow everything from the host range thru.

    The official documentation does not mention regex expressions in the sender address field. It's a great idea though, one that I would vote for as a feature request :-)

     

    I found the best way for now to keep things down to a minimum, is just the allow the email address pattern thru fx. *@somewebservice,com and have a tight antispam configuration otherwise with extra RBL lists configured like :

    ( b.barracudacentral.org - requires account )
    zen.spamhaus.org
    ix.dnsbl.manitu.net
    dnsbl-1.uceprotect.net
    psbl.surriel.com
    bl.spamcop.net

     

    Sorry I can't be of more help :-)

Reply
  • Hi Roald,

    To my knowledge it's not possible

    You are right - it is kind of limited only to have "OR" options and not a "AND" option, so it is correct that just allowing *@somewebservice.com will let everything get thru with that sender address in the header, also opening from the entire amazon IP host range will allow everything from the host range thru.

    The official documentation does not mention regex expressions in the sender address field. It's a great idea though, one that I would vote for as a feature request :-)

     

    I found the best way for now to keep things down to a minimum, is just the allow the email address pattern thru fx. *@somewebservice,com and have a tight antispam configuration otherwise with extra RBL lists configured like :

    ( b.barracudacentral.org - requires account )
    zen.spamhaus.org
    ix.dnsbl.manitu.net
    dnsbl-1.uceprotect.net
    psbl.surriel.com
    bl.spamcop.net

     

    Sorry I can't be of more help :-)

Children
  • Hi Vels,

    Thank you for your suggestion! I'll just have to keep it as tight as possible and hope security is ok with it :).

    And I saw a similair request so Upvoted that one.

    Thanks again!

     

     
  • Hi, Roald, and welcome to the UTM Community!

    I'm a bit confused by this thread.  If I understand correctly, you have emails from person@example.com that are being quarantined as spam because they use an Amazon smart host to send email - is that right?

    In any case, we would want to look at the lines from the SMTP log file that show why one email was quarantined.  Only then can we pick the best, safest approach.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA