With the latest v3.8 release of our Sophos Email Appliance, we’ve improved the ability to protect yourself from Phishing attacks by adding support for both common frameworks used to validate email senders.
Phishing attacks often attempt to spoof or forge the source address of their email messages, pretending to be someone they’re not in order to fool anti-spam systems and users alike.
Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) were both designed to help counteract this issue by helping legitimate senders prove that their email isn’t forged. Now you can implement anti-spam rules in the Sophos Email Appliance that act on the presence or lack of both SPF and DKIM validation and you can even add your own DKIM signatures to outbound mail, providing an added layer of trust to email originating from your organization.
As you would expect, enabling SPF or DKIM policy rules couldn’t be simpler. With just a couple of clicks you can easily add sender validation using these frameworks to your spam evaluation criteria.
But that’s not all, with v3.8 we’ve also enabled wildcards for selecting sub-domains for “Select Users” and “Custom Groups” when setting up policy and a few more enhancements. This release also includes a patch for the OpenSSL man-in-the-middle vulnerability. You can read all about the updates in the release notes.
Existing email appliance customers will receive this automatically during your next specified update window.