E-Mail Quarantine settings / multiple domains same account

Question

Hello everyone, 
 at first: We are using FW SFOS 18.0.3 MR-3 
 
 I have several questions regarding the quarantine settings. I activate it within "Protect -> Email -> Quarantine settings" "Send test email" is working 
 1) Does the user become only a mail when there is a mail in quarantine? Or also when there are "0" new mails 
 2) We have several domains-alias for the the same mailbox (so ABC.org .. ABC-CO.org). Does this work also if the "firstname.surname" prefix of the mailaddress is still the same (eg: firstname.surname@ABC.org & firstname.surname@ABC.CO.org ) 
 3) I read in older topics that the quarantine only works for users created on the XG - our users authenticate via LDAP from Microsoft AD (which is also working fine. but here is the same problem - our internal domain is not the same as our external) 
 Thanks in advance 
 Janek Haessler

LuCar Toni · Accepted Answer

You could use a trick here. In XG you can specify the field, which is used for Email. You could use a AD attribute field, which is currently unused, and import those emails into this field. Then import this field into XG. 
 But as i mentioned: To protect yourself against modern email threats, take a look into Central Email.

Janek Haessler · Answer

Thanks for your reply LuCar Toni. 
 Thats not the answer I wanted to hear but ok 
 I made a crosscheck and it works with local created users when I add the mail addresses with the "," as separator . The funny thing is that now i see the mails that was quarantined when the user doesn't exist locally - ok, now I have to create 200 users manually without AD password sync.

Edit: 
 Check again. I can edit the AD User in sophos aswell and add the mail address there too. Not the best way but I can use the AD functionality

emmosophos · Answer

Hello Janek, 
 Thank you for contacting the Sophos Community. 
 1. The user will only receive an email when there&rsquo;s new quarantine, if there&rsquo;s none the user won&rsquo;t receive a digest 
 2. Quarantine digest will be sent to the first email address 
 3. As long as the LDAP users have authenticated to the XG, and you&rsquo;re able to see their Username and Email address under Authentication Users, the users should receive a Digest. 
 For your Point number 3, you mean for example your internal domain is domain1.com and your external users authenticate using domain2.com however their email address also is user@domain1.com? 
 Regards

LuCar Toni · Answer

This setup is not easy to deploy within XG. XG threats only user within XG as a potential digest user. Therefore you need a user to send the digest to. 
 I always recommend a migration to Central Email to cover multiple scenarios. Central Email can do this without any problems plus it integrate multiple attack scenarios like business email compromise and time of click. It is the more protective tool.

E-Mail Quarantine settings / multiple domains same account

Top Replies