SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  1. Wildcard support for antispam's sender blacklist & excepted email addresses

    Under "EMAIL PROTECTION > SMTP > ANTISPAM > SPAMFILTER"
    you are able to block email senders by adding their domain. You are also able to use wildcards i.e. "*@domain.com".

    You can do the same under "EMAIL PROTECTION > SMTP > EXCEPTIONS" to add a sender's email address to except him from specific rules (HELO, Antispam, etc.) by using the same format and wildcards i.e. "*@domain.com".

    Unfortunately I get more and more spam emails from the same domain which uses A TON of subdomains i.e. the following (German) spam site:

    *@elektronik.de-at-ch.com
    *@rasierklingen.de-at-ch.com
    *@versicherung.de-at-ch.com
    *@mobil.de-at-ch.com
    *@reisen.de-at-ch.com

    The same applies to whitelist pages i.e.…

    29 votes
    2 comments  ·  Mail Protection
  2. Different skiplist for incoming and outgoing traffic for Mail Protection

    It would be great to have in the "Email Protection - SMTP - Transparent Mode" a different Skip-List for incoming and outgoing traffic.

    In some cases you need to use that feature (e.g. Bridge Mode) to get all SMTP traffic scanned for virus and antispam, but you need that feature only incoming.

    When you can't skip outgoing, that traffic will be blocked - so it would be great to get the solution to differ the traffic way. In other modules you have that feature.

    I know that is a special case, but without that the E-Mail Protection SMTP doesn't…

    9 votes
    0 comments  ·  Mail Protection
  3. Email exceptions to anti spam sender blacklist

    Currently in the list of email exception rules there is no way to bypass the Sender Blacklist list of email addresses or domains.

    If, like us, you want to block all Facebook mail, and do this via blocking *@facebookmail.com, but still want, say, your marketing/PR department to have access, there is no way to create an exception. All the other AntiSpam categories are covered in the exceptions tab but not this one.

    27 votes
    16 comments  ·  Mail Protection
  4. SPX - Opt Out Keyword

    The ability to add a keyword to the subject or body of an email that will tell the UTM not to encrypt the email.

    1 vote
    0 comments  ·  Mail Protection
  5. Wildcard usage before and after @

    Allow the usage of the wildcard '*' after @ as well as before. An example of this could be:
    *@mail165.atl61.mcsv.net, which you could then do either *@*.mcsv.net or just even *.mcsv.net. This would then stop spam mail from any address ending with .mcsv.net even if parts are changed.

    4 votes
    1 comment  ·  Mail Protection
  6. mail

    SSL/TLS Encryption for Smarthost Relaying. Actually it is only possible over Port 25 and an unsecure connection.

    1 vote
    0 comments  ·  Mail Protection
  7. AD Look-up MISSING contact!

    At the moment the current built-in AD check/query is _incomplete_!

    This is the current AD check/query:

    AD_LOOKUP_OK = ${lookup ldapm{referrals=nofollow user=${quote:AD_USER} pass=${quote:AD_PASS} AD_SERVER/${quote_ldap:AD_BASE}?mail?sub?(&(|(objectClass=user)(objectClass=publicFolder)(objectClass=group)(objectClass=msExchDynamicDistributionList))(|(proxyAddresses=SMTP:${quote_ldap:PRVS_FLATTEN_RCPT})(mail=${quote_ldap:PRVS_FLATTEN_RCPT})))}{1}{0}}

    This is what it should be (as we use it, and have to change the exim every time the UTM is updated):

    AD_LOOKUP_OK = ${lookup ldapm{referrals=nofollow user=${quote:AD_USER} pass=${quote:AD_PASS} AD_SERVER/${quote_ldap:AD_BASE}?mail?sub?(&(| (objectClass=contact) (objectClass=user)(objectClass=publicFolder)(objectClass=group)(objectClass=msExchDynamicDistributionList))(|(proxyAddresses=SMTP:${quote_ldap:PRVS_FLATTEN_RCPT})(mail=${quote_ldap:PRVS_FLATTEN_RCPT})))}{1}{0}}

    When you compare them you will find that we added:
    “(objectClass=contact)”
    As Exchange ready AD's can have contacts that can receive mail from "external".

    This "fix" can be implemented in the next release with no problem at all.

    6 votes
    2 comments  ·  Mail Protection
  8. Enable Header Matching of Data Protection Custom Rules

    To match the functionality of the Sophos E-Mail-Appliance more closely, it would be helpful if it was possible to match E-Mail Headers with the Custom Rules of the Data Protection Engine.

    This would allow triggering SPX-Encryption by marking the E-Mail as confidential or trigger on words ONLY in the subject, not in the body.

    Two examples that work on the Sophos E-Mail-Appliance but do not work on the Sophos UTM:
    Subject: .*\[ENC\].*
    Sensitivity: company-confidential

    8 votes
    0 comments  ·  Mail Protection
  9. DNS Forwarders - allow a separate selection for Mail Protection

    If you've seen my DNS best practice (https://community.sophos.com/products/unified-threat-management/f/management-networking-logging-and-reporting/32566/solved-dns-best-practice/109152#109152) post, you know that it recommends NOT using the DNS servers of your ISP and using Google or OpenDNS. The reason for this is that many providers hijack DNS, breaking rDNS.

    When I started that post over eight (!) years ago, there were very few Content Delivery Networks (CDNs). Today, they abound, and that's a problem that may well trump the rDNS problem. As Alexander Busch described this situation in a post near the end of the DNS Best Practice thread, "Essentially, it is about the provider operating a large…

    5 votes
    0 comments  ·  Mail Protection
  10. time-of-click protection for email spear-phishing attack

    Many of today's threats begin with a spear-phishing attack: a single, carefully crafted email that tricks a recipient into clicking a link to download malware or open a malicious attachment.

    Handling this type of email like Proofpoint would be really nice to have in UTM as email protection appliance. Handling is to actually replace links, attachments so everything runs sandboxed if suspicious.

    10 votes
    1 comment  ·  Mail Protection
  11. Email Appliance - Possibility to remove Disposition-Notification-To and Return-Receipt-To headers

    Product "Email Appliance" is not available so posting it here instead.
    Sometimes we receive e-mails which have the headers "Disposition-Notification-To: " and "Return-Receipt-To: " set.
    I would like to remove those 2 headers (only for certain recipients) and send the mail through.

    1 vote
    0 comments  ·  Mail Protection
  12. Ability to schedule the quarantined eMail report to be sent more than twice a day

    Customers want to have more flexibility and options when it comes to scheduling the quarantined email report daily sending frequency, as only twice a day is not enough.

    7 votes
    2 comments  ·  Mail Protection
  13. SMTP Flood Protection

    If using UTM as a smart host, the Mail Protection should be able to halt mail flow if an SMTP address is sending an unusually high amount of e-mail. Recently had an issue with this and had to wipe out the UTM as it queued up over 500000 messages from a single user (due to virus).

    4 votes
    0 comments  ·  Mail Protection
  14. Block recipient address in SMTP proxy

    The option is required to block recipient email addresses in SMTP proxy to block users sending to their personal email accounts or to control recipient addresses if users are sending email to resigned employees by mistake.

    2 votes
    0 comments  ·  Mail Protection
  15. Quarantineless Mail Protection

    To minimize spam handling and be legally protected I suggest to add a Quarantineless mail protection.

    Quarantineless means for me that any sort of mail filtering (spam/virus/...) is done during the SMTP receive/transmit process. If mail is voted as spam/virus-infected/..., reject (not drop) email ...

    AND!!!!:

    1. to handle "false-positive" mail ... send back an NDR (perhaps with different reasons (spam/virus-infected/..)), so that a sender knows why we reject the mail.
    2. if internal user wants to "allow" incoming mail from sender, internal user sends out email to blocked sender through Mail Protection ... Mail Protection implicitly whitelists this sender…

    1 vote
    0 comments  ·  Mail Protection
  16. UTM Multiple Site Location User Portal Mail Replication

    I ran into a deployment issue where a client has two office locations (i.e.: HQ and DR) with mail servers at each location for resiliency. We deployed a HA Pair at both HQ and DR of the UTM330 with a SUM; however, I found a major feature lacking within the User Portal for Mail Quarantine, White List, & Black List. Because each site location accepts mail, messages can come from either HQ or DR, meaning the user has to manage two separate portals for their Mail Quarantine, White List, & Black List. There is no single instance that allows the…

    2 votes
    0 comments  ·  Mail Protection
  17. Allow custom exim configuration

    Allow custom exim.conf configuration to be added. Exim has a lot of flexibility and features that are not available through the web interface, so it would be nice to be able to add your own custom config.

    1 vote
    0 comments  ·  Mail Protection
  18. Spam unknown sandbox/hold

    This stemmed from a particular spam message we received. The spam was not caught by the filter(s) and was sent off to "Cyren" for analysis. In the time it took from that initial email to be sent to Cyren and then confirmed as spam, it had been 4 minutes. In those 4 minutes, we received multiple emails from that same sender, with the same subject, etc, which passed through the filters just as the first had done. Once Cyren responded back that the email was confirmed as spam, the UTM began blocking any future messages from that sender (as it…

    1 vote
    0 comments  ·  Mail Protection
  19. Whitelist for File Type / MIME Type Filtering

    A customer wants to put email sender addresses on a white-list not only for bypassing spam filter, but for bypassing File Extension Filter or MIME Type Filter.

    1 vote
    0 comments  ·  Mail Protection
  20. email appliance

    Let the Sophos Email Appliance accept LDAP credentials injection via HTML headers, query strings, or basic authentication headers in order to provide Single Sign On with 3rd party reverse proxy.

    2 votes
    0 comments  ·  Mail Protection