SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Email format of Quarantine Report

    I want to appoint the format of the isolation report email from Sophos UTM.
    In the case of an HTML form, I am garbled.
    I want the format conversion function of the isolation report email.
    =========================
    Sophos UTMからの隔離レポートメールのフォーマットを指定できるようにしてほしい。
    HTML形式の場合、文字化けする。
    隔離レポートメールのフォーマット変換機能が欲しい。

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Designation of the origin of transmission address

    I want to appoint an origin of transmission address of the isolation report email from Sophos UTM.
    =========================
    Sophos UTMからの隔離レポートメールの送信元アドレスを指定できるようにしてほしい。

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Email Protection : TLS Version and Ciphersuite selection

    Dear Sophos Team,

    please add an TLS Version selector to the Email Protection settings, like it's already done in "Webserver Protection > WAF > Advanced".

    In addition, please add an Ciphersuite Selector, so advanced users can specify further down which ciphersuite ( ECDH-* / DHE-*/ AES-*/ .. / ) they want to use.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. SMTP - check sender mail domain

    When accepting mail messages, the sender mail addresses, the domain part, are not checked for existence. No queries are made as to whether the domain holds an MX record, for example. This should apply to both address fields, envelope and header.
    In this way, fake addresses of stations could be avoided.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Scan encrypted zip if the password is known

    We have at the moment customers they send your mails as zip which are password protected. We have the option "Quarantine unscannable and encrypted content" enabled and the mails are correctly moved to quarantine.

    But the zip password are always the same. Can you implement a function that we can store the password in the utm and link it to a mail adress? If we receive a mail from *@customer.com so the utm can open the zip file with the stored password (because password is linked to the mail adress) and can scan the content in the zip.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Provide an official way to close port 25, 467 and 587 to WAN side of UTM aside from creating DNAT blackhole and disabling SMTP proxy

    Kindly provide an official way to close port 25, 467 and 587 to WAN side of UTM aside from creating DNAT blackhole and disabling SMTP proxy (since customer is using this feature for outbound mail only)

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Show the reason for spam detection in mail manager

    Currently only the CLI offers the possibility to find out the reason for marking the mail as spam. Would be nice if this could also be seen in the Mail Manager. It would be even nicer if we were included in the mail header.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. SPX Registration Password inklude in Backup

    The passwords of the registered recipients should be included in the backup. During a recovery, users must always re-register.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. The mail gateway should have an option to append Hyperlink-URLs in brackets after the hyperlink-text so that it is obvious to anyone before

    The mail gateway should have an option to modify email contents to append Hyperlink-URLs in brackets after the hyperlink-text so that it is obvious to recipients' before they click that it’s going somewhere dodgy, even on mobiles.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Option to present TLS certificate for outgoing email

    Currently the TLS certificate seems to only be used for incoming email. Many TLS partners have asked whether it would be possible to present the TLS certificate also for outgoing communication, which is more secure.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add newo

    Add plugin or client for SPX encryption for Post Office Client
    -GroupWise 18
    - Webmail Outlook
    - Lotus Domino
    - GroupWise Web Client

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Reject Quarantine Messages Choice

    Add option for quarantine emails to be rejected (add in drop down: View, Delete, Release).
    This will also inform the sender that his email was rejected if for example the antivirus engine failed to perform a security scan.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Option to present TLS certificate for outgoing email

    Currently the TLS certificate seems to only be used for incoming email. Many TLS partners have asked whether it would be possible to present the TLS certificate also for outgoing communication, which is more secure.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Make it possible to disable IPv6 for SMTP

    If ipv6 is on, than its also on für smtp. But we get no static IPv6 by Deutsche Telekom AG without a expensive contract; but we get a static IPv4. With no static ipv6 we cant configure the AAAA-Record / PTR /RDNS . So our ipv6-Mails will classified as SPAM because we cant disallow to send mails via ipv6. But we will need ipv6 in the future for VPN-connections.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support for Multiple Domains for DKIM on SEA

    Feature Request - Support for multiple domains for DKIM on Email Appliances

    We have two email domains that send through our clustered email appliances and want to setup DKIM for both domains, however currently the email appliances only support DKIM for a single domain.

    We would like the ability to enter more than one selector and private key within the DKIM settings.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow specific senders for specific recipients

    Allow specific senders to be white-listed for specific recipients

    So for example - Whitelist 123@hotmail.com but only for 333@gmail.com, but keep it blacklisted for everyone else.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. POP3 - Autoreply or Autoresponder when mail contain blocked extension

    The UTM doesn't have an option to send automatically e-mails back to sender if there mails where blocked cause of extensions like .doc or .xls and so on in POP3 Proxy.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. smtp: change authenticated smtp proxy authentication flow

    UTM first verifies username/password, and *then* checks if the user is allowed to use the authenticated smtp proxy.
    This allows a botnet to do a DoS attack, by simply giving wrong passwords for *any* AD account -> sophos checks all passwords, causing the account to become locked_out on the AD (too_many_failed_passwords)

    We would like UTM to *first* check if the user is allowed to use the auth smtp proxy *AT ALL*, then further authentication would in most cases not be required. (reducing the number of failed logons on our AD servers considerably)

    This is how postfix sasl does it, which…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Fingerprinting Spam

    A development of spam methode is Fingerprinting Spam. Would be nice to have this feature available on Sophos devices. I was advised to raise a feature request by Sophos.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Encoded content filter on headers

    Hi,

    we received a phishing attempt in which an internal and effective email address appear as sender. After some analysis we found in the message header that sender and subject were encoded on UTF-8 (Base64).

    Here the modified header as example:

    - - - - - - - - - - - - - - - - - - - - - - - - - -

    Received: from hide (hide) by hide
    (hide) with hide (TLS) id hide via hide
    Transport; Wed, 10 May 2017 23:45:21 +0200
    Received: from hide (hide) by hide
    (hide) with hide (TLS) id hide;…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.