MTA - Whitelist and Blacklist

Hi DMR188,

There is a feature request submitted here: http://ideas.sophos.com/forums/330219-sophos-xg-firewall/suggestions/15977194--email-protection-urer-portal-users-to-have-abil

Please Vote for this feature!

Thanks,
Hugh

Under <email> , <General settings> tab, there is "Spam Check Exceptions"

Isn't that the place to put trusted sender domains?

Hi Americo,

It is a pending feature to whitelist/blacklist the sender domains in MTA mode on XG. Please cast your votes to this feature request here.

This feature is only possible if the XG is configured in legacy mode for Email Protection. Refer the article here: community.sophos.com/.../

sixteen again To  allow/reject Emails to a particular domain you can configure an SMTP policy in Email> Policies> Add SMTP Policy> Domain> Accept/Reject.

Thanks

Any new info to get blacklist/whitelist option to MTA? In legacy mode work great but we can't switch to MTA because this function missing(There is no option when you create smtp policy to select sender)...

I would like to know the same thing, this was mentioned months ago as on the feature list. No word on the current status.

I know for our company that until this is not fixed in MTA mode(That we can whitelist/block senders in SMTP rule) we will not use MTA and without MTA we can't test Sandstorm and also can't buy Sandstorm license...

P.S. We don't need per user rule! We need general rule which can't be override by user!

Hi

I have White Listed Domains With MTA in XG 130.

Here is how i did it:

1) Configure MTA mode

2) Goto Email -> Address Groups -> Add and create one for example in Name: WhiteListedDomains and in put the domain that you want to whitelist like this for example google.com

3) Goto Email -> Policies and you have for sure one SMTP Policy in that policie click on edit and under Domains And Routing Target on Protected Domain add the Address Group Created Before (WhiteListedDomains) and save.

And that's all

I hope i could help.

But you don't have blacklist option...

I've tried configuring an SMTP policy as you've mentioned here and that doesn't work. 

Final solution in v17:

https://community.sophos.com/kb/en-us/128049

Ha! They call it a solution! Now tell me how to block a TLD? you know, these pesky .work or .party or just simple .ru spam emails? The "Blocked email addresses" list will not accept "*@*.work" :-( They should've made the first list not "Allowed IP addresses/FQDNs" but "Blocked.." instead. And extended the mask to include just TLDs.

To be honest, in my opinion blacklisting a complete TLD seems not be a good solution. So I wouldn't implement that too. You never know who's going to send an email from such a TLD next time. Besides that I only see a few spam mails coming through. For these I'd like to see the greylisting feature work correctly. I bet that even the last spam mails are dropped then. The mentioned solution is more important to me regarding the whitelisting, as for example some important senders get blacklisted and don't do anything about it.

To be honest, in my opinion blacklisting a complete TLD seems not be a good solution. So I wouldn't implement that too. You never know who's going to send an email from such a TLD next time. Besides that I only see a few spam mails coming through. For these I'd like to see the greylisting feature work correctly. I bet that even the last spam mails are dropped then. The mentioned solution is more important to me regarding the whitelisting, as for example some important senders get blacklisted and don't do anything about it.