
Allowing emails from corporate website

Our Sophos UTM is set up to block all external emails from "ourdomain.com" (sender blacklist, *@ourdomain.com) in order to block any spoofing attempts. This is now causing a problem, as we have an external website that needs to send emails to our internal users from "website@ourdomain.com". Is there any way to allow emails from the website address which is sent via our hosting provider's relay whilst still blocking other potential spoof emails? Thanks in advance.



  • Hi Edward,

    Did you try configuring an exception policy for the sender addresses? Please refer to the help document for more details.

    Hope this helps.

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • Thanks for the reply. I have set up an exception, disabling all checks for the specific address; however, it is still being blocked:

     

    reason="sender_blacklist" extra="website@ourdomain.com blacklisted"

  • This is a known bug, but I thought this was resolved in 9.4. When a global domain is listed in the Sender Blacklist, the exception will not take priority for an individual email address; you will need to individually add specific email addresses in the blacklist option.

    I did an internal check and discovered it as a pending feature request. Please cast your vote on the existing feature request here.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • Thanks Sachin, that seems to match my experience. I have voted on the feature request and will update the UTM accordingly.

  • Hi, Edward, and welcome to the UTM Community!

    I agree that the idea to which Sachin linked is a desirable one. In this case, your problem can be solved by a trick. Since DNATs are considered before Proxies (see #2 in Rulz), just make a NAT rule that bypasses the SMTP Proxy for traffic from your website:

    DNAT : {DNS Host/Group for your website} -> SMTP -> External (Address) : change to {mail server}

    If your MX record points to an Additional Address instead of the primary one on the External interface, use that in the rule.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
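
A check that can be run over the SMTP proxy log after changing the blacklist entries as discussed in the thread, to confirm the website sender is no longer rejected while other senders in the domain still are. This is an added example, not part of the original thread and not Sophos code; it assumes log lines carry `key="value"` fields like the fragment quoted above, and the sample lines (timestamps, the extra addresses, the `example_other` reason) are constructed.

```python
import re
from collections import Counter

# key="value" pairs, as in the log fragment quoted in the thread
FIELD_RE = re.compile(r'(\w+)="([^"]*)"')

def parse_fields(line):
    """Return the key="value" pairs of one log line as a dict."""
    return dict(FIELD_RE.findall(line))

def blacklist_hits(lines):
    """Count sender_blacklist rejections per sender address (lower-cased)."""
    hits = Counter()
    for line in lines:
        fields = parse_fields(line)
        if fields.get("reason") != "sender_blacklist":
            continue
        # The thread's fragment has extra="<address> blacklisted"
        sender = fields.get("extra", "").split(" ", 1)[0].lower()
        if sender:
            hits[sender] += 1
    return hits

def review(lines, expected_senders):
    """Split hits into senders that should get through and all other senders."""
    expected = {s.lower() for s in expected_senders}
    hits = blacklist_hits(lines)
    still_blocked = {s: n for s, n in hits.items() if s in expected}
    other = {s: n for s, n in hits.items() if s not in expected}
    return still_blocked, other

# Constructed sample lines: only the reason/extra field shape comes from the
# thread; the timestamp prefix and the "example_other" line are made up.
SAMPLE_LOG = [
    '2000:01:01-10:14:01 reason="sender_blacklist" extra="website@ourdomain.com blacklisted"',
    '2000:01:01-10:15:40 reason="sender_blacklist" extra="ceo@ourdomain.com blacklisted"',
    '2000:01:01-10:16:12 reason="sender_blacklist" extra="CEO@ourdomain.com blacklisted"',
    '2000:01:01-10:17:55 reason="example_other" extra="not a blacklist hit"',
]

if __name__ == "__main__":
    still_blocked, other = review(SAMPLE_LOG, ["website@ourdomain.com"])
    for sender, n in still_blocked.items():
        print(f"STILL BLOCKED (exception not effective): {sender} x{n}")
    for sender, n in other.items():
        print(f"blocked as intended: {sender} x{n}")
```

Mail that reaches the mail server through the DNAT rule never passes the SMTP Proxy, so it will not appear in this log at all; the check applies to the blacklist-based approach.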