SG UTM
Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.
-
Allow logging of anti-spam feature results without blocking
Currently, if I choose an anti-spam feature like 'Strict RDNS', I immediately block any sender that has not configured FCrDNS. I would like to be able to see 'RDNS invalid' in the log without that causing a block. Most spams probably would be blocked by something else, but it would be much easier to find false-positives and either inform the offending domain or make an exception for it.
3 votes -
Outlook 2016 support for the Outlook Add-in
Provide support for newest version of Outlook 2016.
69 votes -
Sandstorm check from quarantained mail's
I would like to be able to send mail’s incl. attachment from quarantine to Sandstorm for scanning. The affected customers do not leave any dates and scan by hand ... dare but not completely to Sandstorm convert. The desired function would on the one hand bring the added value for the customer and certainly move one or the other to the purchase.
1 vote -
Outlook add-in for Email Protection
Outlook add-in so users can add senders to their blacklist on the local XG. (somebody has previously suggested an add-in for reporting spam to Sophos, however this would be a more immediate solution so the users are confident they won't see that spam item again)
3 votes -
Historical SMIME Certificates
If I change an existing Certificate to a new one we're loosing the ability to decode received mails for a longer time. Many Business Partners have the old one and are using this for encryption. The UTM is no longer able to decode until an Key exchange took place.
12 votes -
UTM\SG Test for Document, PDF, EXCEL and exec file on Sophos Side
It can be very convenient to have option Open\Review file on Sophos UTM /SG side before download to computer and review file.For example you received a file and customer not sure if there some mail-ware to another threads, he can actually review file directly in Sophos UTM\SG or file will be transferred to Sophos LAB and reviewed there by a same user.Just Emulation of OS where you able to review files
Is not Sandstorm it actually emulation on files3 votes -
allow local ssh to EMA
allow local ssh to EMA
3 votes -
IMAP Proxy for UTM/SG 9
Implement an IMAP proxy for UTM/SG 9. Provides filtering and scanning functionality for those that use this type of mail retrieval.
IMAP becomes more and more important for mail clients. The use of POP3 declines. On the other hand, threads caused by malicious mail attachments like crypto trojans or macro viruses are more dangerous than ever. By not implementing sufficient security for IMAP protocol Sophos leaves an increasing part of UTM/SG customers alone.72 votes -
Notify user of quarantined outbound messages
Right now users are only notified of inbound quarantined mails through the quarantine digest. If an outbound mail gets quarantined (e.g. because the attachment is unscannable) no one, not the sender, not the recipient, not the administrator gets notified about this. The mail therefor sits silently in the queue until it is pruned according to the quarantine settings. Such mails should at least be included in the quarantine reports, if not in even in separate notifications.
4 votes -
Adding exception for unscannable/encrypted mails
only be able to either turn of antivirus check or manually sifting through unscannable attachments is a pain either way
10 votes -
Quarantine reports are useless with RETURN TO rather than FROM
I have reported this in the past... and maybe others are on cruze control or dont care.. or havent seen a REAL quarantine report... but your current QUARANTINE report from the SG box is absolutely useless as it is written. Please take the time to read this instead of just waiting on votes. This is a real problem.
Currently the quarantine for both XG and SG units records and shows the mail header field 'RETURN TO' as the FROM address in quarantine and mail log screen. In many cases, this makes the interpretation of those emails impossible prior to releasing…
3 votes -
Shud be a Feature to block spam emails instead quarantine, if its with diff IP, Subject but if email body contains Repeated Words
There should be a Feature added to Block the emails with email body Containing some repeatedly words. As for example, on of our client receives email with different ip's, different subject but always the body contains the letters "Canadian-Pills" and he always asks us to block it. When contacted Support, they asked us to either block Domain, IP from where they are receiving.
2 votes -
Sophos Central - increase days email is kept in quarantine
Please give us the ability to change the default 14 day quarantine retention to at least 30 days.
5 votes -
PLEASE Block The Following SPAM Relays ...
146.185.173.242
198.71.86.130
212.67.203.197
198.98.103.243
87.106.216.61
37.59.1.42
46.32.237.164
94.143.106.252
70.33.188.112
162.254.227.24523.253.182.167
85.25.152.51
70.33.188.111
83.70.203.244
46.101.142.211
198.211.117.9
41.220.69.172
46.236.37.75
87.253.233.151
208.76.87.2187.253.234.157
67.68.185.114
64.74.172.33
62.61.152.81
241.231.152.125
192.168.8.51
80.152.197.106
213.190.90.69
46.1.235.149
199.15.213.64199.15.213.67
62.129.220.20
92.55.215.145
104.233.126.39
194.214.71.115
193.255.77.173
91.98.96.132
180.93.114.216
41.223.64.250
89.43.225.44154.53.200.34
187.216.19.130
116.109.199.249
103.255.182.8
89.44.132.2
195.66.166.4
112.196.181.198
189.203.45.229
177.247.99.187
196.207.94.54113.183.166.19
200.94.20.82
5.22.213.193
109.227.61.37
81.29.245.233
188.120.254.176
117.255.240.109
116.109.104.203
14.139.171.93
223.255.230.23113.92.137.57
23.91.115.212
193.1.181.190
80.82.64.77
24.239.210.176
182.73.251.210
82.78.94.236
62.101.128.162
27.251.28.143
79.99.129.7367.59.193.228
23.239.11.36
213.243.196.11
202.166.170.211
79.99.129.74
213.58.130.235
216.183.106.114
82.165.159.10
124.81.81.93
208.73.210.214104.148.33.38
21.50.170.120
80.147.113.10
116.202.38.173
218.205.187.230
91.251.213.226
93.120.161.130
184.73.226.63
38.84.70.196
176.74.176.187118.70.103.68
105.112.22.82
103.211.42.5
198.2.131.56
52.124.3.43
217.76.245.9
74.208.79.101
201.199.109.98
181.174.187.103
162.248.97.76…
1 vote -
Sandstorm unscannable SMTP exception
Please add the ability to create unscannable exceptions when sandstorm reports an attachment is unscannable. We've been getting quite a few legitimate messages quarantined when sandstorm scanning fails (cloud based server load?)
6 votes -
Distribution List Import
It would be very helpful to provide an option to be able to import email addresses from a file directly into the Reflexion portal as distribution lists vs only as users. In addition, on the "List All Users" page within the portal, possibly adding an option to the drop-down list to "Convert to Distribution List" to quickly convert any existing users to distribution lists if needed.
Just spoke with chat, and currently the only way to create a distribution list per chat is to create a new user account first and then go back and edit the user and change…
2 votes -
Time-of-Click decode for Helpdesk administrators
Hi all actually the decode function to understand the original encoded URL is under Configuration --> Network --> Network Connectivity tab and it's accessible only by System Administrator role on the appliance.
It could be helpful to give access to that functionality also to Helpdesk administrator role like in Sophos Management Appliance it's already running that way under "Diagnostic Tools" tab.
Regards.5 votes -
Email Quarantine Report
Increase the number of available Email Quarantine Report scheduled times or have the F/W email users as their messages are quarantined.
Having the quarantine report emailed twice daily causes issues with time critical emails, if they are stopped as false positive.48 votes -
Mail & Country blocking
If using Country blocking in firewall and you send a mail to a blocked country, allow the server that you send to to do an rdns check etc so the outgoing mail isn't treated as spam.
Also allow mail exceptions to be placed in Country blocking exceptions. The above combination will allow the UTM to send all mail to & receive specific mail from a blocked country.3 votes -
Add the option to report false negatives from the Mail Manager
Whereas is very easy to report a false positive for spam detection, it is incredibly convoluted to report a false negative (https://community.sophos.com/kb/en-en/115670). Please add the option to report false negatives from the Mail Manager as well.
4 votes
- Don't see your idea?