SG UTM
Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.
-
The mail gateway should have an option to append Hyperlink-URLs in brackets after the hyperlink-text so that it is obvious to anyone before
The mail gateway should have an option to modify email contents to append Hyperlink-URLs in brackets after the hyperlink-text so that it is obvious to recipients' before they click that it’s going somewhere dodgy, even on mobiles.
4 votes -
Option to present TLS certificate for outgoing email
Currently the TLS certificate seems to only be used for incoming email. Many TLS partners have asked whether it would be possible to present the TLS certificate also for outgoing communication, which is more secure.
3 votes -
Negate Email Malware "File Extension Filter"
With the "File Extension Filter" in the Malware tab one can only block specific file types, although having a white and black list would be a major benefit from a security perspective. We'd like to see the ability to block all file extensions by default for incoming email in combination with a custom whitelist that let's us decide which file types we would want to allow passing through.
3 votes -
Add newo
Add plugin or client for SPX encryption for Post Office Client
-GroupWise 18
- Webmail Outlook
- Lotus Domino
- GroupWise Web Client7 votes -
Reject Quarantine Messages Choice
Add option for quarantine emails to be rejected (add in drop down: View, Delete, Release).
This will also inform the sender that his email was rejected if for example the antivirus engine failed to perform a security scan.9 votes -
DNS Forwarders - allow a separate selection for Mail Protection
If you've seen my DNS best practice (https://community.sophos.com/products/unified-threat-management/f/management-networking-logging-and-reporting/32566/solved-dns-best-practice/109152#109152) post, you know that it recommends NOT using the DNS servers of your ISP and using Google or OpenDNS. The reason for this is that many providers hijack DNS, breaking rDNS.
When I started that post over eight (!) years ago, there were very few Content Delivery Networks (CDNs). Today, they abound, and that's a problem that may well trump thr rDNS problem. As Alexander Busch described this situati in a post near the end of the DNS Best Practice thread, "Essentially, it is about the provider operating a large…
7 votes -
Allow custom exim configuration
Allow custom exim.conf configuration to be added. Exim has alot of flexibility and features that are not available through the web interface, so it would be nice to be able to add your own custom config.
4 votes -
Make it possible to disable IPv6 for SMTP
If ipv6 is on, than its also on für smtp. But we get no static IPv6 by Deutsche Telekom AG without a expensive contract; but we get a static IPv4. With no static ipv6 we cant configure the AAAA-Record / PTR /RDNS . So our ipv6-Mails will classified as SPAM because we cant disallow to send mails via ipv6. But we will need ipv6 in the future for VPN-connections.
3 votes -
Allow specific senders for specific recipients
Allow specific senders to be white-listed for specific recipients
So for example - Whitelist 123@hotmail.com but only for 333@gmail.com, but keep it blacklisted for everyone else.
2 votes -
Support for Multiple Domains for DKIM on SEA
Feature Request - Support for multiple domains for DKIM on Email Appliances
We have two email domains that send through our clustered email appliances and want to setup DKIM for both domains, however currently the email appliances only support DKIM for a single domain.
We would like the ability to enter more than one selector and private key within the DKIM settings.
13 votes -
POP3 - Autoreply or Autoresponder when mail contain blocked extension
The UTM doesn't have an option to send automatically e-mails back to sender if there mails where blocked cause of extensions like .doc or .xls and so on in POP3 Proxy.
4 votes -
Adding option for exception allowing unscannable mail
It would sometimes very helpful to have the possibility to create an exception for allowing mail with not scannable attachments while having the global option quarantine unscannable and encrypted content enabled.
12 votes -
Encoded content filter on headers
Hi,
we received a phishing attempt in which an internal and effective email address appear as sender. After some analysis we found in the message header that sender and subject were encoded on UTF-8 (Base64).
Here the modified header as example:
Received: from hide (hide) by hide
(hide) with hide (TLS) id hide via hide
Transport; Wed, 10 May 2017 23:45:21 +0200
Received: from hide (hide) by hide
(hide) with hide (TLS) id hide; Wed, 10 May
2017 23:45:21 +0200
Received: from hide (hide) by hide
(hide) with hider (TLS) id hide
Transport; Wed, 10 May 2017 23:45:21 +0200
X-Virus-Scanned:…8 votes -
smtp: change authenticated smtp proxy authentication flow
UTM first verifies username/password, and then checks if the user is allowed to use the authenticated smtp proxy.
This allows a botnet to do a DoS attack, by simply giving wrong passwords for any AD account -> sophos checks all passwords, causing the account to become lockedout on the AD (toomanyfailedpasswords)We would like UTM to first check if the user is allowed to use the auth smtp proxy AT ALL, then further authentication would in most cases not be required. (reducing the number of failed logons on our AD servers considerably)
This is how…
3 votes -
Fingerprinting Spam
A development of spam methode is Fingerprinting Spam. Would be nice to have this feature available on Sophos devices. I was advised to raise a feature request by Sophos.
2 votes -
DMARC reporting
I would like to have the UTM generating reports by grabbing the emails sent as aggragate reports so you would not have to setup agari or such
13 votes -
Spam Digest and out of office reply
If users in absence receive e-mail which will be blocked / quarantined by spam engine, sender will not informed about the absence by out of office reply since no incoming e-Mail will trigger the send out of the reply. Would be great to have a solution for that issue.
4 votes -
More detailed Mail Exception Configuration
Allow to configure exceptions for extension blocking for single extensions.
Actually it is only possible to create an exception and disable extension blocking at all. For special recipients it would be helpful to allow for example exe-attachments, but still block all other extensions.
Furthermore it should be possible to create exceptions and combine sender AND recipient address. Actually it is only possible to filter for sender OR recipient address.
21 votes -
time of click protection - not applied to quarantined emails
if an email is released from quarantine then time of click protection is not applied.
surely an email that was quarantined for some reason is more likely to have bad url's in it needing the TOC protection?
TOC protection should be applied to all quarantine emails either before it is quarantined or after it is released
2 votes -
Digest support for multiple alias's
if an active directory user has an email account which has multiple aliases such as jsmith@domain.com, with aliases of johnsmith@domain.com, john.smith@domain.com, jsmith@domain2.com
if each of the above emails receives an email which goes into quarantine then the user will receive 4 separate emails each with its own list of quarantined emails.
but when the users logins into the quarantine web portal with their windows domain credentials all quarantined emails sit together.
Sophos need to be able to better handle the use of aliases and send digest emails based on the email account not the email address
2 votes
- Don't see your idea?