This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High everybody,

since yesterday i receive ATP Events blocking DNS for "". Is this dangerous or harmless? There is a relation to microsoft forms. C2/Generic-A 19 DNS

450 4.1.2 <>: Recipient address rejected: Domain not found; from=<> to=<>

Any Idea ?


This thread was automatically locked due to age.
  • Hallo,

    Please show a picture of the message you received about the block.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • High BAlfson,

    here it is

    Advanced Threat Protection


    A threat has been detected in your network The source IP/host listed below was found to communicate with a potentially malicious site outside your company.


    Details about the alert:


    Threat name....: C2/Generic-A


    Time...........: 2021-06-11 03:58:54

    Traffic blocked: yes


    Source IP address or host:

    The Problem does not longer exist. First i thought okay a PC was highjacked. But after a while we received spam and suspicous mails. An Email-Account has been hacked.

    Without the Sophos we wouldn`t have recognized this in this early state. I have identified the account and it was closed. The mailqueues are now  empty.

    Greetings Peter