This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Central email gateway, check email status - Authentication failures

MasTer-OogWay over 4 years ago

Hi,

Is there a way to view the details of the email that has Authentication failures?

eg., sender and recipient?

Can't find any details in the Message Summary or Message History

TIA

Oogway

This thread was automatically locked due to age.

Parents

0 LuCar Toni over 4 years ago

Authentication Failures are likely emails, which gets dropped by the entire MTA of Central. As Central is a cloud based MTA with a lot of emails per seconds, it is crucial to drop a email as fast as possible, if a drop is needed. So, central will drop this email in the SMTP transmission as fast as possible.

Just an SMTP example: https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#SMTP_transport_example

Most likely we securely can drop those senders based on different Sophos labs requirements and should not see false positives.

Your question about the message summary seems to be related to missing emails? Or just curiosity?

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 LuCar Toni over 4 years ago

Authentication Failures are likely emails, which gets dropped by the entire MTA of Central. As Central is a cloud based MTA with a lot of emails per seconds, it is crucial to drop a email as fast as possible, if a drop is needed. So, central will drop this email in the SMTP transmission as fast as possible.

Just an SMTP example: https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#SMTP_transport_example

Most likely we securely can drop those senders based on different Sophos labs requirements and should not see false positives.

Your question about the message summary seems to be related to missing emails? Or just curiosity?

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 MasTer-OogWay over 4 years ago in reply to LuCar Toni

Just curiosity.

Thanks!
Cancel
Vote Up 0 Vote Down

Cancel
0 MasTer-OogWay over 4 years ago in reply to LuCar Toni

LuCar Toni

BTW, how about on SPAMs? is there a way to check it..it might be false positives.

Regards,
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni over 4 years ago in reply to MasTer-OogWay

Spam and other checks (DKIM etc.) will be placed in your digest and your message history.

It is amazing, how much Central can drop because of easy checks. Because i saw customers getting 70-80% of their email "unwilling". And all those emails gets dropped without even reaching the user/admin digest. Hence he does not have to deal with them at all. Only false-positive emails like "You activate DKIM, but your sender failed the check", can be released by the admin. But those 70-80%(do not nail me down on those numbers), are completely untrusted email server.

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel
0 MasTer-OogWay over 4 years ago in reply to LuCar Toni

LuCar Toni

Last question

There are 20+ spams in the dashboard and in my policy "confirmed spam" should be quarantined but I haven't seen any spam mail quarantine. Why is that?

Thanks in advance
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni over 4 years ago in reply to MasTer-OogWay

Spam will be split down between three categories.

https://docs.sophos.com/central/Customer/help/en-us/central/Customer/concepts/EmailSpamFiltering.html?hl=bulk

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel