Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

Related
Recommended
Rahul Sinha

What’s new

Today, we have released a new feature, aggressive mode for anti-spam, which allows you to choose the level of catch rate to suit your needs. As the Anti-Spam configuration is part of Email Security Policy, you can configure different catch rate levels for different external senders/domains and for different internal users, groups, and domains. This feature gives you a great customization and a granular control over Suspected Spam catch rates.

Watch the video attached at end of this post to familiarize yourself with this new feature.

Applies to the following Sophos products

Sophos Email

    

How to use

In Anti-Spam of the Email Security policy, you will notice a slider showing 5 levels of catch rate – L1 to L5. As you move the slider to the right, the aggressiveness of the catch rate will increase for the Suspected Spam.

Note, any increase in aggressiveness of anti-spam catch rate will come with some increase in risk of false positives. So, you should configure the level carefully. Here are our recommendations on how to set the catch rate level:

  • You should change the level one step at a time and monitor the outcome in terms of false negatives and false positives for a period.
  • You should increase the level only if the decrease in the rate of false negatives is outweighed by increase in the rate of false positives for you.
  • Likewise, you should decrease the level only if you are unable to tolerate the increase in rate of false positives and are rather willing to tolerate an increase in rate of false negatives.

Following the recommendations above, you will find the level that fits your needs. Furthermore, we recommend that you set different levels for external senders or their domains. For example, if you receive more spams from a free mail domain, then you can set your policy to be more aggressive for that external domain. Likewise, you can protect the parts of your organization sensitive to spam runs by setting more aggressive catch rate level in a different policy for those users, groups, or domains. To find out more about suspected spam refer the knowledge base article here.

    

Other enhancements in Security Policy

As a part of this feature release, we have also made it easy to work with the Email Security Policy. You will find similar parts of the Email Security Policy settings grouped under vertical tabs, making navigation inside the policy more organized.

    

Watch the demo video



Unfiltered HTML