XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Users to have ability to manage emails Whitelist and Blacklist via User Portal and quarantine report .

    Users to have ability to manage emails Whitelist and Blacklist via User Portal and quarantine report .

    276 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    36 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow outgoing emails to be signed with DKIM

    Include the possibility of signing outgoing emails using DKIM for all or only selected email domains as in UTM9

    230 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    39 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Email Protection: Implement SPF and Header functionality into Sophos XG

    Hi Sophos, for Security and anti Spam enhancement please include the spf check and header modification functionality in your xg firewall.

    178 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Mail Manager

    Give us a mail manager screen like we had in the UTM 9 SG.

    123 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. POP3/IMAP-More scanning option

    At the moment, scanning POP3/IMAP traffic does only allow to change subject or accept. A really antispam engine will block spam email even on these protocols. Please add more action options.

    102 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. XG MTA mode - bypass a sender/recipient from email protection

    The new MTA SMTP deployment mode in SFOS v16 lacks the ability to bypass a (or some) sender/recipient from all email protections. At the moment, we can only create a SMTP policy to bypass a destination email domain from email protections, and it is not practical in most situations.
    However, in the Legacy SMTP deployment mode, we can create a SMTP scanning policy to bypass certain sender/recipient from all email protections.
    It will be great if MTA mode can be implemented with the feature of bypass certain sender/recipient from email protections.

    82 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. DMARC Support

    Please add DMARC to the E-Mail Protection. More Information under https://dmarc.org.

    This is a very important Security Feature for us.

    Thanks

    73 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Reason for email quarantine in quarantine list

    It would be great to use the GUI to see at a glance the reason for why an email was sent to the quarantine. Currently the easiest way to do this in the GUI is to un-check all of the "filter-by" options and check them one by one until you find the reason.

    Ideally an additional column would be added to the list that states the reason (Blocked Source IP, Spam, Infected, etc.). It would also be nice if the UI of the email filter section was brought inline with other parts of the XG, such as the live users…

    65 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. SFOS-XG, MTA- MODE: Add Black list / White List senders Emails -Domains

    SFOS-XG, MTA- MODE: Black list / White List senders Emails -Domains

    It would be a great feature if you can enable Blacklist / Whitelist of senders emails /domains on SFOS XG 17.0 MR1 when we use Emails Proxy -MTA mode.
    this feature used to be on UTM 9.xx and I'm wondering why its not on your next generation firewall.

    61 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow Wildcard Support for Email Domain Filtering

    Would be very helpful to be able to create content scanning rule using wildcard to filter known spam/spoofed email top-level-domains.

    Example:
    Filter rules using .xyz, .dot, etc. instead of domain1.xyz, domain2.xyz, domain3.xyz, etc.
    *.dot

    55 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Outlook add-in for Email Protection

    Please can we have an Outlook add-in which will allow users to blacklist with a single click.

    I love the daily digest which allows users to release false positives but there seems to be no function for undetected spam which makes it through.

    Thanks

    54 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Better SMTP Quarantine management

    I would like better control of SMTP Quarantine. When I have 10,000+ quarantined emails shown over 2000+ pages, I need to be able to:
    - filter emails by start/end date and time, having only start/end date is not adequate;
    - specify how many emails to display per page;
    - specify which page to display; having only previous and next page navigation is too slow;
    - perform bulk delete/release on all filtered emails on both WebGUI and API; select and delete/release emails page by page is too time consuming;
    Thanks.

    53 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Mail Protection: File Protection Quarantine instead of removing Attachment

    Currently it is only possible to remove attachments from mails depending on file extensions or mime types. We would like to have a quarantine first approach which was possible on a SG.

    46 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Content based email filtering

    It would be very helpful if it we could set a filtering rule to bypass/mark an email if the content of the email contain certains words or phrases. I could be similar to a DLP rule but with custom parameters.

    41 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Implement Soft Greylisting

    The bigger mail providers are sending the mails from its customers with different mail servers which are having different IP addresses to balance the load. But this is very difficult for a greylisting mechanism which is programed very strict. As a result some mails are coming through late or senders which are on the whitelist are blocked.

    There is a mechanism around which is called "Soft Greylisting". For example: The last byte inside of an IPv4 address is not getting analyzed in the assumption that the mail server are normally together in a subnet.

    I would like to get "Soft…

    37 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. SMTP Recipient Verification

    XG lacks the SG feature of being able to query the backend AD or Mail Server to verify the destination recipient.

    By default when XG is acting as a MTA it will pass on a e-mail even if it's addressed to a user that does not exist. SG used to be able to poll Active Directory to ensure the address was valid (or you could disable this).

    This feature should be ported into XG as soon as possible.

    37 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Notify sender when email is rejected after acceptance

    Accepted e-mails may never be lost.

    If an assumed e-mail is discarded due to an e-mail policy, a notification to the sender must be made. False positives always occur.

    If an e-mail is rejected by the "Spam Protection" or "File Protection" policy, there is no way to inform the sender. The same applies to the RDNS tests, also the sender is not notified here.

    The reason:
    In Germany, an invoice can be sent by e-mail, even if the reminder is not respected, the court order for payment can be opened at the dunning court. About the statement "My firewall has…

    37 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Show all rejected mails in Mail Logs

    If an email was rejected, due to invalid HELO or missing RDNS, you can't see this in the Mail Logs, only in the Log Viewer.

    To make troubleshooting easier, this information should also be visible in the Mail Logs.

    36 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. SPX Portal on port 443 in stead of 8094

    It is only possible to use ports between 1025 and 65535 for the spx portal. Receipients behind a firewall which block non standard ports will not be able to choose a password for encryption. I know port 443 is being used for the user portal so it will conflict so maybe use an alias for both. Just like the ssl vpn port not able to use port 443 is a major flaw in this product.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow FQDN host on email relay

    Enable email protection module -> relay settings -> Host Based Relay to allow from FQDN host rather than IP address. This will be useful when allowing O365 to relay through the XG firewall (required for email encryption when sending from an O365 tenant).

    33 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.