This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Report Message add-in when not using Sophos Mail

We've previously been using the Sophos Report Message add-in for Outlook to allow people to report messages to us, and allow reporting in the Phish Threat campaigns. We don't have Sophos Mail, but as far as I was aware this just meant Sophos also received a copy of any malicious emails that did get through our alternate mail filter(?), which wasn't really a concern.

However, we've now upgraded our 365 licences to A5 which means we now have the full ATP suite, and are using Microsoft's 'Report Message' add-in. This, obviously, causes quite a lot of confusion amongst our users, so we've had to remove the Sophos one for now. Is there any way to get the two options working together, or am I just going to have to cope with the loss of stats on who reported the campaigns? Disabling the Microsoft one isn't an option unfortunately An ideal situation would be one button which acts exactly as the MS one does, unless it's a Sophos Phish Threat campaign in which case it congratulates the user and marks them as having reported it in the campaign. I suspect MS are going to receive a lot of campaigns reported to them in our current setup

If there's any alternate method I've missed in the documentation, or anyone has any other advice as to what they're doing, any suggestions will be gratefully received.

Thanks!

This thread was automatically locked due to age.

Parents

0 emmosophos over 3 years ago

Hello Rbge,

Thank you for contacting the Sophos Community!

I am not sure but if you use the Phish Threat, you should be able to configure mailboxes, that will receive a copy of the reported message, you could, in theory, add the email address of the Microsoft Report Message add-in.

Before you upgraded to MS you had only the Phish Threat outlook add-in from Sophos?

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 emmosophos over 3 years ago

Hello Rbge,

Thank you for contacting the Sophos Community!

I am not sure but if you use the Phish Threat, you should be able to configure mailboxes, that will receive a copy of the reported message, you could, in theory, add the email address of the Microsoft Report Message add-in.

Before you upgraded to MS you had only the Phish Threat outlook add-in from Sophos?

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 RBGE over 3 years ago in reply to emmosophos

Thanks for the reply. While I did use the Sophos Report Message button to send a copy to a specified mailbox previously, this doesn't really work with MS ATP (or 365 Defender as they're calling it now), as there are a number of options on the MS button. Previously we didn't have any reporting method for our users, so anything reported via the Sophos button that wasn't a campaign would be sent to us where we could take action against any malicious links or emails... and I must admit I do like the format the Sophos option send reported messages in!

However, now that we're on 365 with a number of options available to users, we have to keep this one enabled... which unfortunately means campaigns will be reported as spam if the users detect them. I was just wondering if I'd missed something, as there must be other Phish Threat users with MS 365 Defender and it's a shame to lose the stats on our Phish Threat campaigns.

Feature request would be to have a button that integrates with MS and acts accordingly when a campaign message is reported (or if there was some way for MS to detect the campaigns)
Cancel
Vote Up 0 Vote Down

Cancel