Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 1431 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block email senders by object or content

Youcef Rahmouni

Hi Community,

In this past few month we are receiving a lot of spam mail from different mail address (@hotmail,@gmail and other domains) So we can't block senders by email address. 

I searched a lot in my sophos VM version 18.4 MR4 seeking how i could block emails by subject because all the spam mails have the same subject but no luck.

Does sophos XG firewall support this feature?

Regards, & Thank in advance !!!!!!!



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    There's no option to block emails based on the subject. However, if these emails are spoofed/spam emails, an SPF check would catch them. What settings are configured with SMTP policy under spam protection? Did you configure your XG firewall in MTA mode? 

    Thanks,

  • 0 in reply to FormerMember

    Hi ,

    I am on MTA mode and configured SPF check but no luck blocking those senders!

    Regards.

  • FormerMember
    0 FormerMember in reply to Youcef Rahmouni

    Hi ,

    I'd suggest creating a support case and provide the original sample email and smtpd_main logs. If you're still getting these spam email, I'd suggest putting smtpd service in debugging and collect logs for further investigation. Once you open a support case, please send me the case number to help with the case follow-up and help with collecting the logs. 

    Run the following command to put the smtp service in debugging from Advanced Shell:

    • service smtpd:debug -ds nosync

    To remove the service from the debugging, run the same command. 

    To check the status of the service, run the following command: 

    • service -S | grep smtpd

    Thanks,

Reply
  • FormerMember
    0 FormerMember in reply to Youcef Rahmouni

    Hi ,

    I'd suggest creating a support case and provide the original sample email and smtpd_main logs. If you're still getting these spam email, I'd suggest putting smtpd service in debugging and collect logs for further investigation. Once you open a support case, please send me the case number to help with the case follow-up and help with collecting the logs. 

    Run the following command to put the smtp service in debugging from Advanced Shell:

    • service smtpd:debug -ds nosync

    To remove the service from the debugging, run the same command. 

    To check the status of the service, run the following command: 

    • service -S | grep smtpd

    Thanks,

Children
No Data