ES1100 features

Question

Hi All,

Currently im running 1 POC for 1 unit Sophos ES1100 email appliance, below are question raised by customer regarding email appliance feature.

Appreciate if anyone can provide suggestion or guide regarding features as required by customer. Thanks

How to open the attachments of the quarantine mails?
Create/configured to copy every email that go through email appliance?
Copy every mail to external/server so that we will have another copy of the mail?

This thread was automatically locked due to age.

TomA · Accepted Answer

Hi Azwan, For question 1, unfortunately it is not possible to open attachments direct from the email appliance GUI at this time.  However, you can view details of the quarantined attachment in 'Search > Quarantine'.  Quarantined e-mails can also be forwarded to an administrator in the same section. For questions 2&3, there are a number of methods to create archived copies of e-mails. If you want to copy every e-mail I would recommend to create a 'Use Only message attributes' policy in 'Configuration > Policy > Additional Policy'.  If you don't enter any message attributes this policy will affect every e-mail.  Alternatively, if you want the policy to only affect specific users/domains you can use a 'Watch list' policy. You then have several options available on the actions tabs.  For example: Main Actions: Quarantine and continue - A copy will be placed in quarantine as well as sent to the user Send a copy to another server - A copy will be sent to the specified smtp server in addition to the normal mail delivery server Additional Actions: Notify - This option allows you to notify a custom e-mail address and optionally include a copy of the original message as an attachment. Please note that 'Additional Policies' happen after the virus test, but before the spam test - so spam messages will also be archived. Hope this helps, let me know if you have any further queries. Tom. :20113