Large amount of network traffic between Sophos XG 16 and *.ctmail.com?

I have a test Sophos XG environment installed on a VM. There is no device linked to this firewall currently. It is put behind my main Sophos XG firewall.

Today, on the main firewall, a large amount of network traffic between this test firewall and 216.163.176.35 has been logged. It is just 10:40 AM here but 16117 HTTP hits and 1.11GB traffic can be seen on the main firewall's report dashboard. 216.163.176.35 is a server of *.ctmail.com.

The test firewall has XG 16.05.8 installed.

I understand that sending DNS queries to *.ctmail.com is a part of email SPAM protection. But is something wrong that within 10 hours, more than 1G traffic has been logged?

Here is the screenshot:
