Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 121 replies
  • Subscribers 2 subscribers
  • Views 157892 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

outgoing mail wrongly classified as spam

Mast_01
Hello,
i've started having a problem since last week of outgoing mails classified as confirmed spam(and thus getting bounced).
checking the smtp log i dont find anything very useful as the refid is completely cryptic: 


2014:05:05-08:10:06 astaro exim-in[4918]: 2014-05-05 08:10:06 SMTP connection from [192.168.0.10]:16370 (TCP/IP connection count = 2)

2014:05:05-08:10:06 astaro exim-in[13568]: 2014-05-05 08:10:06 [192.168.0.10] F= R= Accepted: from relay

2014:05:05-08:10:06 astaro exim-in[13568]: 2014-05-05 08:10:06 [192.168.0.10] F= R= Accepted: from relay

2014:05:05-08:10:07 astaro exim-in[13568]: 2014-05-05 08:10:07 1WhGmc-0003Wq-2l ctasd reports 'Confirmed' RefID:str=0001.0A090202.5367718F.00EA,ss=1,re=0.000,recu=0.000,reip=0.000,pt=R_399335,cl=4,cld=1,fgs=0

2014:05:05-08:10:07 astaro exim-in[13568]: 2014-05-05 08:10:07 1WhGmc-0003Wq-2l id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="192.168.0.10" from="user@mail.com" to="Paganoc@***x.com, nadiap@***x.com" subject="RV: subject" queueid="1WhGmc-0003Wq-2l" size="85468" reason="as" extra="confirmed"


how do i parse that cryptic ctasd reference line?


This thread was automatically locked due to age.
Parents
  • 0
    This is the communication from Sophos I just received.
    Dear Partner, 
    We are seeing an increasing number of incidents where outgoing emails sent via Sophos UTM with anti-SPAM activated are classified as ‘confirmed SPAM’.
    At the moment we have no confirmation that this affects all emails or that it affects incoming emails but we currently cannot exclude this possibility.
    Our development team is working with urgency to solve this issue which appears to be caused by the SPAM patterns used. This means that a fix will be provided via live cloud lookup once available, rather than requiring a product or pattern update. 
    Further information about how you or your customers can report this problem and updates on this issue until it is solved can be found in the following KBA: https://www.sophos.com/en-us/support/knowledgebase/122687.aspx
    Thank you for your understanding.
    Sophos
Reply
  • 0
    This is the communication from Sophos I just received.
    Dear Partner, 
    We are seeing an increasing number of incidents where outgoing emails sent via Sophos UTM with anti-SPAM activated are classified as ‘confirmed SPAM’.
    At the moment we have no confirmation that this affects all emails or that it affects incoming emails but we currently cannot exclude this possibility.
    Our development team is working with urgency to solve this issue which appears to be caused by the SPAM patterns used. This means that a fix will be provided via live cloud lookup once available, rather than requiring a product or pattern update. 
    Further information about how you or your customers can report this problem and updates on this issue until it is solved can be found in the following KBA: https://www.sophos.com/en-us/support/knowledgebase/122687.aspx
    Thank you for your understanding.
    Sophos
Children