Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 2 answers
  • Subscribers 26 subscribers
  • Views 6715 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Logs of oversized mails

RobertMarkusfeld

Hi i'm using a XG 115 with EMail Protection only for a few days.I only use it for Inbound-Email traffic (SMTP, SMTPS) so far.

I've heard from some of our employees, that customers can't get their mails threw our Anti-Spam filter, which I configured just a few days ago. I imiteadtly tried to look up the specific email in the Sophos protocol analyser, but there simply was NO email! I went threw the settings and discovered, that I misconfigured what should happen to oversized emails. I had "reject" selected. I changed that for now and also changed the size of analysed emails to the maximum, but why are oversized emails that are rejected or simply refused not found in the log?

I have two specific cases, where I can tell, that one Email is reported as "not going threw spamfilter" and a second one (plain text) was delivered just fine. But no log in the protocol!

By the way, is there any reason, besides performance, to NOT scan emails over a specific size?



This thread was automatically locked due to age.
  • 0

    Hi,

    Go to System > Current Activity > Spam Quarantine and filter the reason for "Message Size".

    In the email configuration option, 1024 KB = 8 Mb sized mail. If you configure this option to scan the maximum size available, you can face a delay in receiving or sending emails. 

    Thanks

  • 0 in reply to sachingurung

    Hi again,


    Thank you for your explaination on message size. I'll configure the device following our needs. Do I understand something wrong because 1024KB (kilo-bytes) would be 1MB (mega-byte) is there some *8 multiplier in the system or was is simply a typo or bit conversion?

    In my Spam Quarantine, there are NO entries. Still I am looking for logs, I don't tell the Sophos to put anything into quarantine. I only want to be able to trace an rejected email.

    Thank you!

  • 0 in reply to RobertMarkusfeld

    Hi Robert,

    Yes, to be less confusing 1024 kB = 1 MB. To get the logs take SSH to XG and go to option 5. Device Management > 3. Advance shell, run command:

    cd /log

    cat awarrensmtp.log | grep reject

    If there is no entries in quarantine section and no reject logs, I suspect anything dropped on XG.

    Thanks