Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 1874 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Enterprise console Sending Incorrect Emails

Pradeep Manyam

Hi,
We have setup few rules in "Data Control Policy". One such rule in send email notification to IT team, when some one send Microsoft document as attachment using outlook or google chrome. Today i noticed, i received an email saying i myself have attached certain file, which i did not.

Only thing i have done is, i have tried to upload few documents to intranet website, so have to browse these files using
file > attach dialog box. Sophos mentioned files are in this folder.

Does anyone have encountered similar situation.

thank you
Raj



This thread was automatically locked due to age.
Parents
  • 0

    Hello Raj,

    i have tried to upload few documents
    it's not clear how exactly and with which application you did it.
    One such rule in send email notification to IT team
    SEC only sends level exceeded messages. Alerts about particular violations are sent from the endpoint, email alerting is set for a policy (i.e. all rules in the policy). The email should mention the rule and action taken - the email message, the exact rule(s) mentioned, and the relevant part of the endpoint's Data Control log are needed to assess whether the alert was indeed incorrect.

    Please note that Data Control kicks in when an application opens/reads a file - it can't determine what the application actually does (or would do) with the file.

    Christian

Reply
  • 0

    Hello Raj,

    i have tried to upload few documents
    it's not clear how exactly and with which application you did it.
    One such rule in send email notification to IT team
    SEC only sends level exceeded messages. Alerts about particular violations are sent from the endpoint, email alerting is set for a policy (i.e. all rules in the policy). The email should mention the rule and action taken - the email message, the exact rule(s) mentioned, and the relevant part of the endpoint's Data Control log are needed to assess whether the alert was indeed incorrect.

    Please note that Data Control kicks in when an application opens/reads a file - it can't determine what the application actually does (or would do) with the file.

    Christian

Children
No Data
Unfiltered HTML