We'd love to hear about it! Click here to go to the product suggestion community
Hello,i configure the E-Mail notification like in this article:https://docs.sophos.com/esg/enterprise-console/5-5/help/de-de/esg/Enterprise-Console/tasks/alerts_02_email.html
If i create a test alert (with eicar) no email is generated.If i put the client IP on my Exchange to the Relay Connector then it works.But i don't wont to put all IP's in it because of security aspect.Is it possible to configure the Clients without relaying?RegardsDennis
Hello Dennis,Please have a look at these articles regarding Alerts:Sophos Enterprise Console: How to set up endpoint email alerts How to set up Enterprise Console email alerts based on dashboard thresholds
In reply to Barb@Sophos:
Thanks for the articles……I configure the endpoint alerts like in the article.This works for me only if i put the endpoint ip to my Exchange Relay authorization.If i do this not i don't get an email.But it can not be that I must entitle all endpoints to relay.....
In reply to Dennis Haschke:
as the endpoints are sending these emails they need an SMTP server that will accept and forward the messages (how else could they be able to send them?)
In reply to QC:
Thats the answer from Sophos:
wenn sie die Antivirus- und HIPS-E-Mail-Benachrichtigung konfigurieren schicken nur die Endpoint Clients die Mails ( z.B. bei einer Erkennung).Mean that i need an open relay….I thought the SEC Server receive the mails and send it to the Mailserver.
the SEC Server receive the mailsno, the SEC server receives the alerts and events (but does not forward them as emails). The functionality is from a time when SEC (central management) did not yet exist. Please note that you get an email for all detections - whether properly dealt with or not. Thus in most cases there's nothing to do in response to these emails (other than deleting or archiving the email ).