Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 872 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG Emai Protection with Sandstorm and URLs

RasalGhul

Hi,

So far, i thought that using XG email protection (MTA mode) with sandstorm, the urls/links in email will be scanned or rewrited to sophos-sandbox (time-of-click). But the urls in emails seem to stay untouched (tested with eicar, sophostest.com and a real malicious url - no sandstorm activity is logged). Only attachments are scanned through sandstorm. Is this correct or am i missing some further configuration?

Thank you

 



This thread was automatically locked due to age.
Parents
  • +1

    Rasal,

    If I remember correctly, the ToC is available only on Sophos Email Appliance (SEA) where each link is rewritten with the SEA URL.

    On XG, the Sandstorm checks the attachment to understand if the file is malicious or not.

    Regards

Reply
  • +1

    Rasal,

    If I remember correctly, the ToC is available only on Sophos Email Appliance (SEA) where each link is rewritten with the SEA URL.

    On XG, the Sandstorm checks the attachment to understand if the file is malicious or not.

    Regards

Children
No Data