Sophos Email Appliance questions...

I have recently installed SEA in a virtual setting and all is looking good so far. I was wondering, though, about the bulk message settings, because I do see a bunch of messages making it through to users' mailboxes which should be getting classified as bulk and are just being classified as legitimate. I was wondering if there was any way to turn the settings up, so to speak, on that scanning...

Another thing I am noticing are messages that are not coming from any specific user but are listed as going to an address outside of the organization, and I'm not sure where they could be originating from. Any ideas would be appreciated.

Thanks!

  • Hi jadedmia,

    Glad to hear you are getting on OK with the SEA.

    I'm afraid the bulk messages setting isn't tunable. Detection of bulk messages is based on rules set up by SophosLabs. If you're concerned, you can send a sample to Tech support and they will confirm if there is any configuration problem.

    Regarding the unexpected 'Outbound' messages... You should be able to verify who sent us the message in 'Search > Mail Logs'.  If the message is from an unexpected source IP, then it's definitely worth verifying that the appliance is not an open relay.  You should check:

    • 'Configuration > Routing > Internal Mail Hosts'.  These are the servers that are allowed to send outbound mail.
    • If you use SMTP authentication, then authenticated clients can also send outbound.  Make sure you have a strong account password/lockout policy.  Also, you must secure communications with TLS in 'Configuration > Policy > SMTP Authentication'.

    All the best,

    Tom.
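
The check described in the reply above, as an added example that is not part of the original thread and is not Sophos code: it sorts outbound log records by whether the source IP is a listed internal mail host, an SMTP-authenticated client, or neither. The log field layout, the addresses, the domains and the names `LOCAL_DOMAINS` and `INTERNAL_MAIL_HOSTS` are assumptions made for illustration, not the appliance's real export format.

```python
import ipaddress
from collections import Counter

LOCAL_DOMAINS = {"example.com"}                        # assumption: your own mail domains
INTERNAL_MAIL_HOSTS = ["192.0.2.10", "192.0.2.32/28"]  # assumption: copied from the appliance

# Constructed sample records; the key=value layout is hypothetical.
SAMPLE_LOG = """\
2024-01-05T09:12:01 src=192.0.2.10 auth=- from=alice@example.com to=bob@example.net
2024-01-05T09:12:44 src=192.0.2.35 auth=- from=app@example.com to=ops@example.org
2024-01-05T09:13:10 src=198.51.100.7 auth=svc-scan from=scan@example.com to=x@example.net
2024-01-05T09:14:02 src=203.0.113.50 auth=- from= to=user1@example.net
2024-01-05T09:14:03 src=203.0.113.50 auth=- from= to=user2@example.org
2024-01-05T09:15:00 src=203.0.113.9 auth=- from=ext@example.org to=alice@example.com
not a log line
"""

def parse_line(line):
    """Return the record's fields as a dict, or None if the line does not parse."""
    fields = dict(p.split("=", 1) for p in line.split()[1:] if "=" in p)
    if not {"src", "auth", "from", "to"} <= fields.keys():
        return None
    try:
        fields["src"] = ipaddress.ip_address(fields["src"])
    except ValueError:
        return None
    return fields

def classify(rec, networks):
    """Say why an outbound message was accepted, or flag it as unexplained."""
    if rec["to"].rsplit("@", 1)[-1].lower() in LOCAL_DOMAINS:
        return "inbound"                      # recipient is local, not outbound mail
    if any(rec["src"] in net for net in networks):
        return "internal_host"                # sender is a listed internal mail host
    if rec["auth"] != "-":
        return "smtp_auth"                    # accepted because the client authenticated
    return "unexplained"                      # outbound, unlisted source, no authentication

def triage(log_text):
    """Count unexplained outbound mail per source IP and outbound mail per auth account."""
    networks = [ipaddress.ip_network(h, strict=False) for h in INTERNAL_MAIL_HOSTS]
    unexplained, auth_users = Counter(), Counter()
    for rec in filter(None, map(parse_line, log_text.splitlines())):
        verdict = classify(rec, networks)
        if verdict == "unexplained":
            unexplained[str(rec["src"])] += 1
        elif verdict == "smtp_auth":
            auth_users[rec["auth"]] += 1
    return dict(unexplained), dict(auth_users)
```

Any source IP in the first result is relaying outbound mail without being a listed host or an authenticated client; the accounts in the second result are the ones to review against the password and lockout policy.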
