SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Deffered Message alert

    It will be great if there is a feature that allows admin to create an alert to alert him when there are differed messages queued.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. email appliance: "search export" scheduled and sent by email

    the ability to schedule and export search results in the email appliance "search" section to excel or similar format AND send it via e-mail to an smtp address

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. spx images

    SPX Emails - Allow HTML formatting. Allow option to have images shown in line in SPX emails, currently all images are removed and placed as attachments in the SPX PDF file. As attachments are not viewable using all PDF readers this means that recipients on many devices are unable to view the messages in their entirety.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add the ability to detect when the from field in the header is different to that of the envelope

    Can we have the above functionality added to the UTM so that it gives the same level of mail protection as the email appliance? When mail has been spoofed so that just the From field in the header is spoofed but the same field in the envelope is different and is from an address that is not blacklisted this is sometimes getting through to customers.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Mails that are Blocked by SPF should be able to move to quarantine instead of blocking and should apear in the quarantine report.

    At the Moment Mails where blocked by SPF will be just blocked, but there are thousends of misconfigured mailservers out there, where just have a wrong spf configuration. it would be nice, if we could activate a function wicht not blocks a mail while spf check failure but put it in to the quarantine, so that the user have it in his quarantine report and release it or whitelist the Sender. It would niceley help a lot and would make a lot more Customers happy

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. MIME-Type Blocking of Executables by SMTP

    Actually you can only quarantine executable content by MIME Type Filter. Please add the possibility to block executable content by MIME Type Filter.
    Thanks.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Data Protection

    Under the seetings Email -> SMTP - > Data Protection -> Data Protection Policy -> Action on rule match the only options are Blackhole, Send with SPX Encryption or Allow.

    After ticking the "Combination of personally identifiable information [UK]" box emails with multiple signatures (and therefore multiple phone numbers and postcodes) are being blackholed.

    Can there be a Quarantine option added on rule match? Or can the thresholds be increased or be more configurable?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add X-Spam-Flag Header with spam action "warn"

    If the astaro antispam engine detects a message as possible spam it should add a header X-Spam-Flag: YES if the spam action is set on "warn".

    This is way better than rewriting only the subject.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Wildcard support for antispam's sender blacklist & excepted email addresses

    Under "EMAIL PROTECTION > SMTP > ANTISPAM > SPAMFILTER"
    you are able to block email senders by adding their domain. You are also able to use wildcards i.e. "*@domain.com".

    Same you can do under "EMAIL PROTECTION > SMTP > EXPEPTIONS" to add a sender's email address to except him from specific rules (HELO, Antispam, etc.) buy using the same format and wildcards i.e. "*@domain.com".

    Unfortunately I get more and more spam emails from the same domain which uses A TON of subdomains i.e. the following (german) spam site:

    *@elektronik.de-at-ch.com
    *@rasierklingen.de-at-ch.com
    *@versicherung.de-at-ch.com
    *@mobil.de-at-ch.com
    *@reisen.de-at-ch.com

    The same applies to whitelist pages i.e.…

    29 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Email exceptions to anti spam sender blacklist

    Currently in the list of email exception rules there is no way to bypass the Sender Blacklist list of email addresses or domains.

    If like us you want to block all Facebook mail, and do this via blocking *@facebookmail.com,but still want to say your marketing/pr department to have access there is no way to create an exception. All the other AntiSpam categories are covered in the exceptions tab but not this one.

    29 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Different skriplist for incoming and outgoing traffic for MailProtetion

    It would be great to have in the "Email Protection - SMTP - Transparent Mode" a different Skip-List for incoming and outgoing traffic.

    In some cases you you need to use that feature (f.e. Bridge Mode) to get all SMTP Traffic scanned for Virus and Antispam, but you need that feature only incoming.

    When you can´t skip outgoing that traffic will be blocked - so it would be great to get the solution to differ the traffic way. In other modules you have that feature.

    I know that is a special case, but without that the E-Mail Protection SMTP don´t…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. SPX - Opt Out Keyword

    The ability to add a keyword to subject or body of a email that will tell the UTM not to encrypt the email.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Wildcard usage before and after @

    Allow the usage of the wildcard '*' after @ as well as before. An example of this could be;
    *@mail165.atl61.mcsv.net which you could then do either *@*.mcsv.net or just even *.mcsv.net this would then stop spam mail from any address ending with .mcsv.net even if parts are changed.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. mail

    SSL/TLS Encryption for Smarthost Relaying. Actually it is only possible over Port 25 and an unsecure connection.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. AD Look-up MISSING contact!

    At the moment the currenct build in AD check/query is _incomplete_!

    This is the current AD check/query:

    AD_LOOKUP_OK = ${lookup ldapm{referrals=nofollow user=${quote:AD_USER} pass=${quote:AD_PASS} AD_SERVER/${quote_ldap:AD_BASE}?mail?sub?(&(|(objectClass=user)(objectClass=publicFolder)(objectClass=group)(objectClass=msExchDynamicDistributionList))(|(proxyAddresses=SMTP:${quote_ldap:PRVS_FLATTEN_RCPT})(mail=${quote_ldap:PRVS_FLATTEN_RCPT})))}{1}{0}}

    This is what is should be (as we use it, and have to change the exim every time the UTM is update):

    AD_LOOKUP_OK = ${lookup ldapm{referrals=nofollow user=${quote:AD_USER} pass=${quote:AD_PASS} AD_SERVER/${quote_ldap:AD_BASE}?mail?sub?(&(| (objectClass=contact) (objectClass=user)(objectClass=publicFolder)(objectClass=group)(objectClass=msExchDynamicDistributionList))(|(proxyAddresses=SMTP:${quote_ldap:PRVS_FLATTEN_RCPT})(mail=${quote_ldap:PRVS_FLATTEN_RCPT})))}{1}{0}}

    When you compare them you will find that we added:
    “(objectClass=contact)”
    As Exchange ready AD's can have contacts that can receive mail from "external".

    This "fix" can be implemented in the next release with no problem at all.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enable Header Matching of Data Protection Custom Rules

    To match the functionality of the Sophos E-Mail-Appliance more closely, it would be helpful if it was possible to match E-Mail Headers with the Custom Rules of the Data Protection Engine.

    This would allow triggering SPX-Encryption by marking the E-Mail as confidential or trigger on words ONLY in the subject, not in the body.

    Two examples that work on the Sophos E-Mail-Appliance but do not work on the Sophos UTM:
    Subject: .*\[ENC\].*
    Sensitivity: company-confidential

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. DNS Forwarders - allow a separate selection for Mail Protection

    If you've seen my DNS best practice (https://community.sophos.com/products/unified-threat-management/f/management-networking-logging-and-reporting/32566/solved-dns-best-practice/109152#109152) post, you know that it recommends NOT using the DNS servers of your ISP and using Google or OpenDNS. The reason for this is that many providers hijack DNS, breaking rDNS.

    When I started that post over eight (!) years ago, there were very few Content Delivery Networks (CDNs). Today, they abound, and that's a problem that may well trump thr rDNS problem. As Alexander Busch described this situati in a post near the end of the DNS Best Practice thread, "Essentially, it is about the provider operating a large…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. time-of-click protection for email spear-phishing attack

    Many of today's threats, begin with a spear-phishing attack: a single,
    carefully crafted email that tricks a recipient into clicking a link to download malware or open a malicious attachments.

    Handling this type of emails like proofpoint would be really nice to have in UTM as email protection appliance. Handling is to actually replace links, attachements so everything runs sandboxed if suspicious.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Email Applicance - Possibility to remove Disposition-Notification-To and Return-Receipt-To headers

    Product "Email Appliance" is not available so posting it hear instead.
    Sometimes we receive e-mails which have the headers "Disposition-Notification-To: " and "Return-Receipt-To: " set.
    I would like to remove those 2 headers (only for certain recipients) and sent the mail through.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ability to scedule the quarantined eMail report to be sent more than twice a day

    Customers want to have more flexibility and options when it comes to scheduling the quarantined email report daily sending frequency, as only twice a day is not enough.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.