SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

Ability to block any subdomain in the Blacklisted address patterns

I would like to block *@*.example.com but it is impossible. Spammers use subdomain in order to bypass the filter.

89 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Jerome DUMET shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    29 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Joe commented  ·   ·  Flag as inappropriate

        NEED the ability to block TLDS!! there are over 1570 top level domain and rising; most are junk!

      • Anonymous commented  ·   ·  Flag as inappropriate

        Too many spammers change their sub domains! it will be great if we can add a domain and sub domains (per ex *@*domain.com) in the field named « blacklisted address patterns »

      • C commented  ·   ·  Flag as inappropriate

        PLEASE ADD THIS! It seems so obvious, I'm suprised that it's not working.

      • C commented  ·   ·  Flag as inappropriate

        An absolute necessity, too many spam emails are getting through the filter at the moment. Blocking sub domains would help greatly

      • Alexander commented  ·   ·  Flag as inappropriate

        This would be very helpful to have. I'm surprised that after more than two years, there is no word on this.

      • Si commented  ·   ·  Flag as inappropriate

        Is there any update on this? This would make my life so much easier!

      • Scott Freasier commented  ·   ·  Flag as inappropriate

        Please, please added this. I am getting tired of getting grief from end users on the spam that is getting through.

      • Lyle commented  ·   ·  Flag as inappropriate

        When will this be fixed.?. Spammers are ganging up from the new TLD's and changing the names daily so static setting does not help. I am new to Sophos, barracudas could do this at my last job..

      • OculusX commented  ·   ·  Flag as inappropriate

        Yes, please. We need this ability to block sub-domains and all these new top-level domains spammers are using.

      • htguru commented  ·   ·  Flag as inappropriate

        I would also request that once the blacklisted address items are fixed to allow for subdomains or top level domains that there also be a choice somewhere for whether or not the resulting blacklist match results in a 550 mail failure, or just having the mail go blackhole. Currently if you have a single legitimate address in the blacklist it does work, but it results in a 550 mail failure stating additionally that the sender is blacklisted. I think most here would agree that it is far better to have the item be blackholed and never heard from again so that the spammer does not get a failure notice acknowledging the existence of your email address and that you have blocked him. Spammers love that sort of thing and will sell your address once you prove to them that it exists. The other features like RBL, SPF etc. all just drop the mail. Blacklisting should have the same option.

      • htguru commented  ·   ·  Flag as inappropriate

        Anyone that can open a ticket on this should open a ticket on this. I'm sure they track that too. I shut down my Barracuda Spam firewall I purchased for offering spam protection to clients because it was so expensive and this was working very good. It was a great value since it was included in the full guard or total protect. If something is not done soon, I am going to have no choice but to look for a real spam firewall or cloud solution that allows such a simple request to be processed rather than accepted for syntax and then ignored by the actual mailer system, presumably Exim. The problem with the UTM is it tries to do so much that many of its best features are nothing more than half-baked add-ons or afterthoughts. Come on guys get with it! Fix this so we can block all of these high-level patterns via top-level domains or subdomains. I'm very sure that at no time soon will anyone ever be getting a legitimate email from.xyz so please allow us to block it all by fixing this!

      • htguru commented  ·   ·  Flag as inappropriate

        I would add that this should work, that the blacklist actually accepts the syntax, and apparently it did work in the past but Sophos broke it and has not bothered to fix it. Come on Sophos! This would allow us to end this type of spamming instead of 250 of 3000 spams per day getting past the algorithms and RBLs and getting delivered.

      • htguru commented  ·   ·  Flag as inappropriate

        Jerome, This is a much need feature. If possible can you edit the title to include the ability to block entire TLDs? Lately the spammers are just killing us with endless different domains at new TLDs like .download .top .pro .eu, etc. with a different domain every time. Your original request for sub-domains working in the blacklist is no longer adequate but I would hate to start over with 0 votes when you already have 116.

      ← Previous 1

      Feedback and Knowledge Base

      icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.