SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  1. SPX - Opt Out Keyword

    The ability to add a keyword to the subject or body of an email that will tell the UTM not to encrypt the email.

    1 vote
    0 comments  ·  Mail Protection
  2. Wildcard usage before and after @

    Allow the usage of the wildcard '*' after @ as well as before. An example of this could be:
    @mail165.atl61.mcsv.net, for which you could then use either @*.mcsv.net or even just *.mcsv.net. This would then stop spam mail from any address ending with .mcsv.net even if parts are changed.

    4 votes
    1 comment  ·  Mail Protection
  3. Block SPAM based on reverse DNS of server

    Allow blocking of email based on reverse DNS ("ends-with" match) of the sending server (looking behind any trusted forwarders). Also allow options to block invalid reverse DNS ("localhost", which I have seen in the wild, and any other reverse DNS which is not a valid FQDN). Barracuda provides this and we have used it to block lots of hostile and unwanted traffic.

    3 votes
    1 comment  ·  Mail Protection
  4. mail

    SSL/TLS Encryption for Smarthost Relaying. Actually it is only possible over Port 25 and an unsecure connection.

    1 vote
    0 comments  ·  Mail Protection
  5. Notify the external sender when SOPHOS UTM blocks an E-Mail

    A customer wants to have the following feature.

    An incoming e-mail gets blocked by the UTM because of a listed file extension.

    Now the UTM sends a mail to the external sender that it has blocked the mail because of a listed extension. Maybe with a free text field for individual spellings.

    5 votes
    0 comments  ·  Mail Protection
  6. AD Look-up MISSING contact!

    At the moment the current built-in AD check/query is incomplete!

    This is the current AD check/query:

    ADLOOKUPOK = ${lookup ldapm{referrals=nofollow user=${quote:ADUSER} pass=${quote:ADPASS} ADSERVER/${quoteldap:ADBASE}?mail?sub?(&(|(objectClass=user)(objectClass=publicFolder)(objectClass=group)(objectClass=msExchDynamicDistributionList))(|(proxyAddresses=SMTP:${quoteldap:PRVSFLATTENRCPT})(mail=${quoteldap:PRVSFLATTEN_RCPT})))}{1}{0}}

    This is what it should be (as we use it, and have to change the Exim configuration every time the UTM is updated):

    ADLOOKUPOK = ${lookup ldapm{referrals=nofollow user=${quote:ADUSER} pass=${quote:ADPASS} ADSERVER/${quoteldap:ADBASE}?mail?sub?(&(| (objectClass=contact) (objectClass=user)(objectClass=publicFolder)(objectClass=group)(objectClass=msExchDynamicDistributionList))(|(proxyAddresses=SMTP:${quoteldap:PRVSFLATTENRCPT})(mail=${quoteldap:PRVSFLATTEN_RCPT})))}{1}{0}}

    When you compare them you will find that we added:
    “(objectClass=contact)”
    As Exchange ready AD's can have contacts that can receive mail from "external".

    This "fix" can be implemented in the next release with no problem at all.

    6 votes
    2 comments  ·  Mail Protection
  7. Enable Header Matching of Data Protection Custom Rules

    To match the functionality of the Sophos E-Mail-Appliance more closely, it would be helpful if it was possible to match E-Mail Headers with the Custom Rules of the Data Protection Engine.

    This would allow triggering SPX-Encryption by marking the E-Mail as confidential or trigger on words ONLY in the subject, not in the body.

    Two examples that work on the Sophos E-Mail-Appliance but do not work on the Sophos UTM:
    Subject: .[ENC].
    Sensitivity: company-confidential

    8 votes
    0 comments  ·  Mail Protection
  8. time-of-click protection for email spear-phishing attack

    Many of today's threats begin with a spear-phishing attack: a single, carefully crafted email that tricks a recipient into clicking a link to download malware or open a malicious attachment.

    Handling this type of email like Proofpoint does would be really nice to have in the UTM as an email protection appliance. The handling is to actually replace links and attachments so everything runs sandboxed if suspicious.

    11 votes
    1 comment  ·  Mail Protection
  9. Email: change greylisting timeout from 5 minutes to 10 seconds + bypass

    In my years as a service provider, I have found that greylisting is very effective at stopping the fire-and-forget spammers using botnets (they never retry) but unfortunately there are also sites that have long retry timers. This won't help them.

    Moving it from many minutes to more like a few seconds is still very effective (I'd say 99.9% as effective as any number of minutes) and doesn't impact mailers that do a retry within 20 seconds.

    Now onto the 'bypass' part of the subject: need an interface that we can drop in CIDR ranges (easily! not one at a time!)…

    1 vote
    1 comment  ·  Mail Protection
  10. Email Appliance - Possibility to remove Disposition-Notification-To and Return-Receipt-To headers

    Product "Email Appliance" is not available so posting it here instead.
    Sometimes we receive e-mails which have the headers "Disposition-Notification-To: " and "Return-Receipt-To: " set.
    I would like to remove those 2 headers (only for certain recipients) and send the mail through.

    1 vote
    0 comments  ·  Mail Protection
  11. Ability to schedule the quarantined eMail report to be sent more than twice a day

    Customers want to have more flexibility and options when it comes to scheduling the quarantined email report daily sending frequency, as only twice a day is not enough.

    7 votes
    2 comments  ·  Mail Protection
  12. SMTP Flood Protection

    If using UTM as a smart host, the Mail Protection should be able to halt mail flow if an SMTP address is sending an unusually high amount of e-mail. Recently had an issue with this and had to wipe out the UTM as it queued up over 500000 messages from a single user (due to virus).

    4 votes
    0 comments  ·  Mail Protection
  13. Block recipient address in SMTP proxy

    The option is required to block recipient email addresses in the SMTP proxy, to block users sending to their personal email accounts or to control the recipient address if users are sending email to resigned employees by mistake.

    2 votes
    0 comments  ·  Mail Protection
  14. S/MIME certificate batch import

    It would be nice to have an option to import S/MIME certificates with a batch job and not one by one. We have many thousands of certificates and it is very time-consuming to import them one after another.

    13 votes
    2 comments  ·  Mail Protection
  15. Multiple DLP rules support

    Add the ability to create multiple DLP rules for the same profile and allow for them to be ordered like firewall rules. This would allow for great customization and the ability to tailor the DLP process to the end user. This is how they are set up in the Sophos Email Gateway.

    4 votes
    0 comments  ·  Mail Protection
  16. DANE

    DNS-based Authentication of Named Entities (DANE) is a procedure for securing SSL/TLS connections with the help of DNS entries, which in turn are protected by DNSSEC.

    72 votes
    1 comment  ·  Mail Protection
  17. Quarantineless Mail Protection

    To minimize spam handling and be legally protected, I suggest adding a Quarantineless mail protection.

    Quarantineless means for me that any sort of mail filtering (spam/virus/...) is done during the SMTP receive/transmit process. If mail is voted as spam/virus-infected/... reject (not drop) email ...

    AND!!!!:

    1. To handle "false-positive" mail ... send back an NDR (perhaps with different reasons (spam/virus-infected/..)), so that a sender knows why we reject the mail.

    2. If an internal user wants to "allow" incoming mail from a sender, the internal user sends out an email to the blocked sender through Mail Protection ... Mail Protection implicitly whitelists this sender now.

    big…

    1 vote
    0 comments  ·  Mail Protection
  18. UTM Multiple Site Location User Portal Mail Replication

    I ran into a deployment issue where a client has two office locations (i.e.: HQ and DR) with mail servers at each location for resiliency. We deployed an HA pair of the UTM330 at both HQ and DR with a SUM; however, I found a major feature lacking within the User Portal for Mail Quarantine, White List, & Black List. Because each site location accepts mail, messages can come from either HQ or DR, meaning the user has to manage two separate portals for their Mail Quarantine, White List, & Black List. There is no single instance that allows the…

    2 votes
    0 comments  ·  Mail Protection
  19. Implementing of rbl whitelists like dnswl.org

    It would be great to implement the feature of RBL whitelists from dnswl.org to decrease the amount of false positives of the well-known RBL list vendors like SpamCop and others. In my case, a big German provider is blacklisted by these lists with about 3 servers from 20. Mails from these servers are not being delivered by our UTM because it checks the most popular RBLs on the web. Defining exclusions for all these false positives in our own list is too cumbersome!!

    5 votes
    0 comments  ·  Mail Protection
  20. Wildcards for HOST BLACKLIST

    I really get a ton of spam. And some companies have dozens (!) of real SMTP (spam) servers with fixed IP addresses like these. And you can easily see that they also seem to have SMTP spam servers "relay61.brm24.de" to "relay89.brm24.de" and "relay118.brm24.de" to "relay129.brm24.de" from which I haven't got an email yet (so they are not blocked now):

    It would be…

    5 votes
    0 comments  ·  Mail Protection