Mail Being blocked as SPAM

Hi,

We run a UTM9 (virtual appliance) and have many customers using hardware SG appliances.  This afternoon we have had many reports of email issues, with sending and receiving from a variety of company addresses and gmail.com / hotmail.com domains.

According to the mail manager all of the emails are being dropped as confirmed spam.  Is this a dodgy pattern update?

Internally we are currently on FW 9.601-5 and pattern 161467.

I have switched reject at smtp time to off and emails are now getting quarantined.  Have logged a support call with Sophos via email and am in the phone support queue.

Anyone else experiencing this?

Rgds

Asim



This thread was automatically locked due to age.
  • You can update manually if you change the interval to manual (Management -> Up2Date -> Configuration tab).

    I have pattern 161490 and can still see legitimate messages being dropped as spam.

  • Hello,

    Yesterday I had the same problem.

     

    Mails from co.uk are marked as SPAM (confirmed)

    I created an exception rule for *@*.co.uk. So we can receive the mails from our business partner.

     

    I also talked with the German Sophos Support and told them that mails are blocked and that my suggestion is that this might come from a bad Pattern.

    Firmware : 9.601-5

    Pattern: 161489

     

    Greetings

     

  • Graham Davey said:

    The OP was reporting FW 9.601-5 and pattern 161467.

    The notification of your message was also flagged as Spam

     

    Thanks for the information - Looks like SOPHOS or CYREN detects the mail as spam if they detect a UK email address or some other parts in the mail content.

    So creating a rule for whitelisting senders with this email will not temp. solve the issues, because many have footers or replied emails, which will also be handled as spam.

     

    I turned off rejecting of CONFIRMED SPAM and moved it into quarantine. Not the best solution, but we don't lose mails.

     

    Hope that SOPHOS fixes the issue ASAP!!!!!!!!

  • I can confirm this behaviour, most of emails blocked/classified as spam are coming from .co.uk domains


  • Appreciated that "most" emails are coming from .co.uk domains, but I feel that's a bit like "...most of the icebergs are not in our path captain !!"  :-) 

    Let's hope we get some sort of response soon, does Sophos actually monitor these community messages ... ?

  • https://community.sophos.com/kb/en-us/134082

     

    says to restart the cyrens service or reboot to clear the cache...

    no improvement here when doing

  • Guys I think I've worked out a fix for the issue.

    ssh onto the appliance - and then stop both the ctasd services:

    /var/mdw/scripts/ctasd_outbound stop

    /var/mdw/scripts/ctasd_inbound stop

    then before they restart themselves rename the ctasd cache directory:

    mv /var/cache/ctasd  /var/cache/ctasd.old

    Once the services restart emails seem to be coming through fine.

  • Hi all,

    We have a pair of SG450 UTM Appliances (Firmware Version 9.601-5; Pattern Version 161489) running in Hot Standby Mode.

    A reboot of both appliances has had no effect whatsoever on this issue.

    I have also attempted to manually update the Pattern Version to the latest one available (apparently that is version 161493) and the appliances are failing to do this as well.

    Now having to go manually through lots of e-mails wrongly quarantined to release them.

    I'M A HAPPY CAMPER...........NOT :)

    John P

    2 x SG450 (Version 9.714-4)

    HA = Active-Passive

  • Hi Daniel,

    How do I avoid both services restarting themselves while I am renaming the ctasd cache directory or do they only restart themselves when I tell them to?

    Thanks

  • I wrote the rename command in notepad beforehand then pasted it in so I could do it before they brought themselves back up.
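
The stop-then-rename workaround posted above, and the question of how to finish the rename before the services bring themselves back up, can be handled by running all three steps from one function so there is no typing delay between them. This is an added example, not code from the thread or from Sophos: the paths are the ones quoted in the post, while the function name, its two arguments, the timestamped backup suffix and the `--run` switch are hypothetical, and it assumes the stop scripts exit 0 on success.

```shell
#!/bin/sh
# Added example. Arguments exist so the function can be tried against a
# scratch directory before it is run on an appliance.

rotate_ctasd_cache() {
    script_dir="${1:-/var/mdw/scripts}"   # holds ctasd_outbound / ctasd_inbound
    cache_dir="${2:-/var/cache/ctasd}"    # cache directory named in the thread
    # Timestamped suffix (an addition) so an earlier ctasd.old is not clobbered.
    backup="${cache_dir}.old.$(date +%Y%m%d%H%M%S)"

    # Check everything first, so the services are never stopped and then
    # left with the old cache because a later step could not run.
    for svc in ctasd_outbound ctasd_inbound; do
        [ -x "$script_dir/$svc" ] || { echo "missing $script_dir/$svc" >&2; return 2; }
    done
    [ -d "$cache_dir" ] || { echo "no cache at $cache_dir" >&2; return 3; }
    [ ! -e "$backup" ] || { echo "$backup already exists" >&2; return 4; }

    # Stop both services, then rename immediately in the same shell.
    # Assumption: the stop scripts return 0 when the stop succeeded.
    "$script_dir/ctasd_outbound" stop || return 5
    "$script_dir/ctasd_inbound" stop || return 5
    mv "$cache_dir" "$backup" || return 6

    # Print where the old cache went so it can be inspected or removed later.
    echo "$backup"
}

# Only act when asked explicitly, e.g.:  sh rotate_ctasd.sh --run
if [ "${1:-}" = "--run" ]; then
    rotate_ctasd_cache
fi
```

The old cache is kept rather than deleted, so it can be moved back if the workaround does not help.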