Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +7 person also asked this people also asked this
  • Locked Locked
  • Replies 59 replies
  • Answers 3 answers
  • Subscribers 18 subscribers
  • Views 27895 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mail Being blocked as SPAM

cmyk_asim

Hi,

We run a UTM9 (virtual appliance) and have many customers using hardware SG appliances.  This afternoon we have have many reports of email issues, with sending and receiving from a variety of company addresses and gmail.com / hotmail.com domains.

According to the mail manager all of the emails are being dropped as confirmed spam.  Is this a dodgy pattern update?

Internally we are currently on FW 9.601-5 and pattern 161467.

I have switched reject at smtp time to off and emails are now getting quarantined.  Have logged a support call with Sophos via email and am in the phone support queue.

Any one else experiencing this?

Rgds

Asim



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Graham Davey

    We have the same issue with pattern 161487 with  9.601-5 (No Update instelled the last days):

    You can test by using a PING test to ping@stamper.itconsult.co.uk 

    The reply will will be "CONFIRMED SPAM"

  • 0 in reply to Graham Davey

    I have a feeling that if rollback was a possibility then Sophos would have done it, it feels like the nightmare we had last month with Sophos vs Microsoft April update freezing all the clients PC's on boot.

    Has anyone actually spoken to sophos yet .. ?

    I only have 58 customers to look after  !!!

     

  • 0 in reply to Colin Coleman

    I was in an online chat session - they advised me to restart the service 

    /var/mdw/scripts/ctasd_outbound restart
    /var/mdw/scripts/ctasd_inbound restart

    however that didn't make any difference - I was then waiting for them to tell me if I could manually clear the cache to see if that would fix it but the guy disconnected. Waiting in the queue again.

  • 0 in reply to Erik

    The OP was reporting FW 9.601-5 and pattern 161467.

    The notification of your message was also flagged as Spam

  • 0 in reply to Colin Coleman

    You can update manually if you change the interval to manual (Management -> Up2Date -> Configuration tab).

    I have pattern 161490 and can still see legitimate messages being dropped as spam.

  • 0 in reply to Graham Davey

    Graham Davey said:

    The OP was reporting FW 9.601-5 and pattern 161467.

    The notification of your message was also flagged as Spam

     

    Thanks for the information - Looks like, that SOPHOS or CYREN detects the mail as spam if they detect an UK email address or some other parts in the mail content.

    So creating a rule for whitelising senders with this email will not temp. solve the issues, because many have footers or replied emails, which will also he handled as spam.

     

    I turned of rejecting of CONFIRMED SPAM and move it into quarantine. Not the best solution, but we don't loose mails.

     

    Hope, that SOPHOS fix the issue ASAP!!!!!!!!