Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 15867 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Outlook Add-In - configuration possibilities of Add-In/APIs or web services

MatthiasSchmidt

Hello,

I have a short question about the Sophos Add-In for MS Outlook.

After the go live of our Sophos Email Appliance users screamed desperately for an Outlook Add-In to mark emails as Spam. 
With our old SonicWall solution they had the possibility to do this, mark an email as spam and add it automatically the the block list of our appliance.

Since we have the Sophos Add-In we noticed that the amount of SPAM increased pretty badly even the fact that most users mark Spam mails with the Add In.
After reading some more manuals we found out that Sophos doesn't add the senders of possible Spam mails to the block list of our appliance but sends it to Sophos Labs for analysis. 

So our CEO's wants us to develop our own Add In where users mark mails as spam mails and thanks to the add in we add the sender to the block list of our own appliance.

Does anybody of you know if Sophos Email Appliance offers any API or web service interfaces to do this?

Thank you very much and best regards

-Matthias Schmidt



This thread was automatically locked due to age.
  • 0

    Hi Matthias,

    The outlook plug in reports the message to is-spam@labs.Sophos.com where it is cross referenced with like spam.

    There are two major reasons why this is far better then trying to maintain your own black list.

    #1 - the ip the mta connects from will probably only be used once, and will change often. So you may get some Nigerian prince spam from ip 123 and 10 mins later it will be from 204 . So yes you could block them but it will be a nightmare to maintain.. not to mention what happens on the off chance a company you want to receive email gets a used ip 6 months down the road.

    #2 - when you submit samples via the outlook plug in you are also providing the content of the email. There are may rules that check messages based on the content. So when you submit them to is-spam you are also providing content in which to link spam campaigns to.

    If you are seeing an increase in spam, I highly recommend going over the following KB to ensure your spam setting are set optimally.

    community.sophos.com/kb/120802

    * ensure the delay queue is enabled
    * no exceptions to the rules (unless absolutely necessary)
    * ensure you also have BATV and Bulk mail rules as may users get confused between bulkmail and spam.

    In regards to an api, I do not think its possible to modify the configuration or update the appliance in the way you are thinking.

  • 0 in reply to Red_Warrior
    Great advice . I just made one change to your post which is the KB link. Thanks Red_Warrior!
  • 0
    Hi Red_Warrior,

    thank you very much for your answer.
    Of course there are advantages, sending these mails to sophos labs for analyzing and blocking these mails globaly but honestly we want to allow our users to use and customize their own black list to block mails. We want them to customize it the easy way without first logging on the user center delivered by email appliance.

    Almost all other junk solutions come with this functionality and we were really suprised Sophos doesn't offer it.

    I already opened a feature request at sophos developement and according to the support guy we have a good chance Sophos really develops it or extends the existing add on.

    In case of the API, you're right. There are no interfaces delivered by sophos which we could use to bulid our own add in.
  • 0 in reply to MatthiasSchmidt
    Hi Matthias,

    I would probably make an easy dns link for your users that resolves to the end user quarantine page. aka www.spam.mydomain.com. If you enable all of the features in users section of the end user interface users have the ability to individually approve or reject their own bulk and spam.

    If you would like to raise a feature request on the Astario forum, dev team does review the forums regularly. http://feature.astaro.com/
Unfiltered HTML