Today we had massive problems at our customers' sites. Mails sent to Sophos UTM gateways were declared confirmed spam. I found out that mails from Outlook are recognized as confirmed spam, while mails sent from an iPhone via Exchange or Outlook Web App are going through the mail proxy. Sophos UTM AntiSpam uses the global database from CYREN Ltd. (formerly known as Commtouch). Another customer is using a different anti-spam technology and has the same problem!
Here is the official mail from Sophos:
Dear Sophos Partner,
We are seeing an increasing number of incidents where outgoing emails sent via Sophos UTM with anti-SPAM activated are classified as ‘confirmed SPAM’. At the moment we have no confirmation that this affects all emails or that it affects incoming emails but we currently cannot exclude this possibility. Our development team is working with urgency to solve this issue which appears to be caused by the SPAM patterns used. This means that a fix will be provided via live cloud lookup once available, rather than requiring a product or pattern update. Further information about how you or your customers can report this problem and updates on this issue until it is solved can be found in the following KBA: https://www.sophos.com/en-us/support/knowledgebase/122687.aspx
Thank you for your understanding.
Your Sophos Team
I hope they will fix this soon…
Update September 9, 2015, 4:30 pm UTC+2:
“According to our development department the issue should be resolved since 4:30 pm UTC+2.”