XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

Determine Outgoing Mails not only through sender domain (Problem with Spoofing Mails)

Currently the Sophos XG and UTM Mailfilter seem to make a difference on Outgoing and Incoming Mails.

An incoming Mail seems to be determined by checking the protected Domains. All Domains that are not protected Domains are incoming Mails.

An outgoing Mail seems to be dtermined by checking the protected Domains. All Protected domains are incoming Mails.

That could lead to several problems, because only the Domains are taken into account in this decision.

1. In my opinion when "Scan outgoing mails" is not checked there is no check on "outgoing" mails. That could lead to problems with spoofing mails not being scanned by anti virus. (Please correct me if I'm wrong)

2. No SPF Check is carried out on "Internal Domains" even if the mail is a spoofing mail from a foreign server (for example when sende rand recipient are the same)

Other Checks like RDNS / Greylisting / Strict RDNS can filter out some of those spoofing mails but not all. On all other Domains SPF is working fine but not on internal domains which I think is a severe flaw.

So it would imho be necessary to not only determine a outgoing mail by it's domain and by other factors (for example additionally through a list of hosts that may send outgoing mails)

This is absolutely necessary to prevent furhter confusion and make the spam filter more secure and like anyone would expect it to work.

3 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • sso
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Bjoern Ebner shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base

      icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.