Can you please implement a way that a Network Range of IP Addresses i.e MailChimp Mail Send IP Addresses can be added into the into Exception Source Hosts / Hosts? As it stands currently as of version 17.5.9 MR-9 is that you can add individually but not a range. Considering these ranges are a /16 /20 this could take some time to enter.

I would like the ability to disable NDR's.

Our SG-210 had the ability to block/quarantine emails that had key words. It also showed the originating IP that the XG does not provide. These were great tools that I would like back.

Examples: .icu or .xyz

The ability to block inbound e-mail based on "Address Group" would be good as you can import addresses from a TXT or CSV, at the moment the only way to do them is manually in general settings and add them one at a time, which takes long if your blocking hundreds of e-mail addressees associated to ransomware/malware/trojans etc.

Outbound mail released from Quarantine does not use configured IP in MTA rule instead it uses WAN interface IP and as all the DNS records available only for the Configured SNAT IP in MTA rule and there is no DNS record for the WAN interface IP.

Quarantine mail failed to release as it takes WAN interface IP instead of configured SNAT IP.

Regarding the MALWARE scan mechanism, many times we have complains from office users that emails are moved to Quarantined because some files in them fail to be scanned.

Can there be a discrimination on a future update, regarding the exact sub-reason of an attachment being unscannable ?

For example, due to an error differs fromfile being locked with a password or a modified pdf failed to open or do open but with a pop up error message that user can bypass and view/edit file.

To activate/deactivate above said parameters, based on specific Sender address / domain etc.

Currently we have to way to find out from which source ip a rejected or accepted mail is coming.
Also for Outgoing emails we dont know which remote server received our email.
Please add to columns to the SMTP Log showing the SRC and DST IP.

We need to have a better spam filter/content filtering in the XG Firewall. the SG Firewall has a better filtering/blocklist to prevent spam. the XG allows messages that were not allowed through on the SG. not sure if this was from one of the blocklist/RBL but we need that one back, the XG filter is fairly week. can you please put a better one in? also need better content filtering

This is to check whether the mail going outside the network be authenticated and none of the malicious user would be able to share the confidential information thru email to the outside network

We are using Sophos SXG310 and it is configured in transparent mode and for Mail, It is configured as MTA mode. So Mails which are been rejected based on RDNS or IP Address basis by Sophos, Neither recipients or Senders are aware of this failed delivery. So we want to export mail logs based on filter "rejected" for some specific time period from Sophos so that we can manually intimate the recipients regarding failure of Delivery.
Please consider this requirement in next release.

This is the only feature that is preventing me from migrating from UTM to XG

I use the POP3 prefetch mode heavily for mail hygeine, but it is not possible in XG, and as this is used at home, I cannot alter my MX records as my ISP's IP ranges are blacklisted

Allow wildcard domains for enforced TLS when sending email. e.g. Force TLS to all *.gov.uk domains.

If you have 2 email domains defined, xyz.com and xyzllc.com, and emails to both domains go to the same users, the quarantine digest is sent for xyz.com but not for xyzllc.com.

We have configured the system to quarantine emails with certain extensions.
However, the recipient then only sees the quarantine reason "File Extension" in the notification. It is urgently desired that he also sees directly which file extension it is. The admin only sees this in the mail manager.

We have quite a few shared mailboxes for the likes of HR, Finance and reception to name a few. Whilst I can send individuals a quarantine report to their mailbox there doesn't seem to be the ability to do this with shared mailboxes, or at least they do not show up in the list.

It has come to my attention that DLP on the XG only catches certain things like social security numbers and bank accounts if there are 10 or more listed in the email. Most my clients when sending emails are referring to a single account with one or maybe two social security numbers, so these would never get caught. Even one social security number or bank account not encrypted in an email is a big problem.

The UI functionality is there but it saves without any errors although it doesn't work at all.
This allows customers with a large number of backup MXs or those using commercial backup MXs (it won't pass the SPF checking normally unless you make an exception rule for every single one of them....) to bypass SPF or any other checking.