Adding Exceptions to your Sophos XG Mail Filter

 1. Login to your Sophos XG Webadmin console at:  (use your enduser admin account, not the default "admin" user to ensure your change audit trail is meaningful)

2. From the main dashboard look to see if your system says "Sophos Firewall manager: us-xxxxxxxxxxx" if it does then TechNosis in manager your firewall as part of your services. When this is true we make regular backups of your configuration and you can skip step 3. If Firewall manager is missing or blank; then we are not managing your system and you should make a backup of your configuration before preceding.

3. To make a backup of you configuration follow this 6 click flow. Not that you will have to click on local a two different points in the process.  (If you don't make a backup and you make a mistake it is highly possible that you will lock yourself out and half reset you firewall to factory default to repair it. This sort of error is a lot more common that it was on the Sophos SG system).

4. After the backup is done:
  • Click on Protect > Email
  • Click on General Settings
  • Scroll down to Allow and Block Senders

5. In this Section you can add:
  • Block specific from addresses
  • Allow specific email addresses
  • Allowed IP addresses
  • Allowed Fully Qualified Domain names like, etc.  (never enter your own company domain as that would allow spammers to use your own domain to flood you with spoofed spam).
After you have your settings you can hit Apply to save changes.

How did we do?