Exceptions

On the SMTP > Exceptions tab you can define whitelist hosts, networks, senders, and recipients that can be excluded from antispam, malware, or other security checks.

Note – Since emails can have many recipients, and Sophos UTM on AWS implements inline scanning for the SMTP protocol, scanning of an email is skipped for all recipients if one of the email's recipients is listed in the Recipients box.

To create an exception, proceed as follows:

  1. On the Exceptions tab, click New Exception List.

    The Add Exception List dialog box opens.

  2. Make the following settings:

    Name: Enter a descriptive name for this exception.

    Skip these checks: Select the security checks that should be skipped. For more information, see Email Protection > SMTP > Malware, Antispam, and Data Protection.

    For these source hosts/networks: Select or add the source hosts/networks (i.e., the host or network messages originate from) that should skip the security checks defined by this exception rule. How to add a definition is explained on the Definitions & Users > Network Definitions > Network Definitions page.

    Note – No exception needs to be created for localhost because local messages will not be scanned by default.

    When selecting this option, the Hosts/Networks box opens. You can add a host or network by either clicking the Plus icon or the Folder icon.

    OR these sender addresses: Select the senders' email addresses that should skip the defined security checks.

    When selecting this option, the Senders box opens. You can either enter a complete valid email address (e.g., jdoe@example.com) or all email addresses of a specific domain using an asterisk as wildcard (e.g., *@example.com).

    Note – Use the Senders option with caution, as sender addresses can easily be forged.

    OR these recipient addresses: Select the recipients' email addresses that should skip the defined security checks.

    When selecting this option, the Recipients box opens. You can either enter a complete valid email address (e.g., jdoe@example.com) or all email addresses of a specific domain using an asterisk as wildcard (e.g., *@example.com).

    Comment (optional): Add a description or other information.

  3. Click Save.

    The new exception appears on the Exceptions list.

To either edit or delete an exception, click the corresponding buttons.

Related Topics Link IconRelated Topics