Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 13 subscribers
  • Views 1906 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Inbound allow list bypassing all security checks?

Andrew Kartsev

We use MailChimp to send comms to our business and Sophos Email Gateway blocks messages from it with reasoning "Bulk".

Mailchimp uses our Domain name as an envelop, so we whitelist the address "comms@domainname.com" to allow messages to be delivered.

However if I understand it correctly adding sender in inbound allow list means it will skip all security checks (including SPF/DKIM/DMARC) which means this particular address "comms@domainname.com" can easily be spoofed now?

If that's right then is there a way to customize what checks to skip (Bulk in this case) and what to leave in place?



This thread was automatically locked due to age.
Parents
  • 0

    I think the best work-around for this would be to create a separate policy for the specific email and remove checks on 'Bulk' emails. Then add your generic spoofing protection features (i.e. SPF/DKIM/DMARC). Not ideal but I'm sure it would work as a quick fix? Let me know how it goes as I can see this being an issue for myself in future.

Reply
  • 0

    I think the best work-around for this would be to create a separate policy for the specific email and remove checks on 'Bulk' emails. Then add your generic spoofing protection features (i.e. SPF/DKIM/DMARC). Not ideal but I'm sure it would work as a quick fix? Let me know how it goes as I can see this being an issue for myself in future.

Children
Unfiltered HTML