Please add blocked file type in the log viewer or mail logs so that we don’t have to go into policy test and see what file type is been blocked.

When a user replies or forwards a message that was previously sent as encrypted, the Outlook ribbon will show the Encrypt button as being pressed. This gives the end-user the impression that the mail will be sent as encrypted. But the add-in will not insert the "x-sophos-spx-encryption: yes" line in the e-mail header, so the XG will not encrypt the message. Please get the Outlook add-in fixed so that will properly modify the e-mail header when the Encrypt button is shown as pressed.

We can block connections from country based rules, thanks for theSophos.
But we can not filter mails if there is chinese , arabic or russian characters in its body.
It would be very nice if we can filter mails with predefined character sets.
For example if the subject has chinese charset or if the body has russian charset.

Hi,
To be able to purge all emails in mail spool via GUI instead of CLI!
Many Thanks

Prior to 17.5 upgrade, you could see details about an email that was rejected\dropped (senders IP address, among other details) that seems to have been removed in this latest firmware. Hovering over the email in the mail logs says why it was rejected, but the only way to get more detail now would be to open an console session. Please add functionality back in future releases (we are running in MTA mode)

When a mail has been rejected I can see this in the log but I don't know which RBL has triggerd this and why.
I wish more details in the email log.

When a mail has been rejected I can see this in the log but I don't know which RBL has triggerd this and why.
I wish more details in the email log.

When DLP encrypts a mail the notification that the sender receives has an attachment with the headers of the encrypted mail. Not all senders of email are IT admins. Please change the senders DLP notification so that they are made aware of which email sent was encrypted and why e.g. Your email sent to (recipient) at 27/1/2019 13:00 was encrypted as it contained an IBAN number.....

Currently it's only possible to use the MTA in Transparent Mode.

It's not possible to choose to use it only as MTA without the Transparent Mode.
If the Automatic MTA Rule is disabled MTA isn't working anymore.

Please make it possible to choose between a Transparent and a not Transparent Mode of the MTA like it was in Sophos UTM.

When looking through Email - Mail Logs i'm able to view previous days/months. When looking through log viewer i'm only able to see the previous day. I would like an option to export mail logs from the Email - Mail Logs menu as this contains more usable data.

While some one send a mail with protected File as an attachment, Sophos will not show any logs in the e-mail Logs Troubleshooting and it quarantine mails even-if sender address/mail domain is added in the white-list.
Sophos will send bounced back mail to the sender regarding nondelivery of the mail for those recipients who are in CC that sopho could not able to send the mail with recipient error .

As of now solution is send the protected file as zip format in the attachment.

Rakesh Maniya

When you configure the quarantine digest to reference the external IP address of the XG unit, the digest email references the "Admin Console Port". This is absolutely absurd. It effectively means that I need to open up access to the Admin portal to the entire world without restriction - this is a MASSIVE security risk.

The easiest solution is to change the XG to use the User Portal port for the "release" link under the action heading.

Would be nice if you should display more than 20 messages at a time for those situations where massive amounts of email needs to be deleted from logs. We were just in the situation where we had to delete 7,000 messages and had to do them 20 at a time. We shouldn't need to run a script on the backend or call technical support. Have maybe 20 message option, 100 message option, 500, 1000, etc.

I would like to know if there is a way to add the well known and trusted domains to the quarantine digest skip address patterns with a simpl

on 17.5 new SPF settings if enabled, the behavior for SPF is if SPF results is NONE it will reject the email. There should be option to either reject or accept emails with no spf records.

Hello Team,

We have customer here requesting to have option to blocked recipient email address under MTA mode on Sophos Firewall XG. For your assistance please

we are now using a Firewall with a global quarantine for E-Mails with office documents which are send from outside. Administrators release this E-Mails after reviewing them. Not a single one emotet E-Mail reached a user since we have this feature enabled. As soon as the feature is implemented in the XG Firewall, we can switch completely to the XG and turn off out old Firewall. We need this feature absolutely on the XG

Need to make Strong incoming Email Protection with Sophos XG135 Firewall like a Sophos UTM 120 Firewall (This e-mail was blocked because it is likely to be spam, virus infected, or caught by the expression or file extension scanner.)

e-mail notification for deleted / rejected spam-mails. If you don't use quarantine for spam you don't get any Information about deteled /rejected mails