Reflexion will be End-of-life on March 31,2023. See Sophos Reflexion EoL FAQs to learn more.

What’s new

We have released several enhancements in admin quarantine, user quarantine, and quarantine summary email. We have also improved a few features of Sophos Email.
Watch the video attached at end of this post to familiarize yourself with the enhancements.

Applies to the following Sophos products
Sophos Email

Admin Quarantine

You can now use advanced search in admin quarantine, as shown in the screenshot below. By default, the admin quarantine shows you last week’s quarantined messages. The header of direction column allows you to filter the messages and the color highlights which filter is active.

In the message details, you can look at the URLs in the message body and search for specific one that you’re looking for, as shown in the screenshot below.

Lastly, as shown in the screenshot below, we have made the Message Details page of the quarantine more consistent with the one shown in the Message History, giving you the options to block sender’s address, domain, or IP address (domain information shown).

User Quarantine

You can now use advanced search in both end user quarantine and distribution lists quarantine of SSP (Self Service Portal), as shown in the screenshot below. By default, both the quarantines show you last week’s quarantined messages.

Quarantine summary

We have added two fields in the quarantine summary To and Reason. The field, To, will help the end user identify whether the quarantined email was meant for – the user, a delegated mailbox, the distribution list owned by the user, or an alias of the user. This recipient information will help the user make an informed release/delete decision. Sophos Email can be configured to send many categories of email to the end user's quarantine such as – Authentication failure, Unscanned, Intelix Threat(s), Malicious URL, Spam, and Bulk. So, we have added the field, Reason, to help the user take an informed release/delete decision.

Furthermore, when the release/delete is clicked, the user will be presented a confirmation page with the details of email, so that an accidental release/delete is prevented. This confirmation page will also prevent release/delete of emails by intervening email processing systems that evaluate links by navigating to them. Additionally, the confirmation page will show the options to allow the sender in case of release, and block the sender in case of delete. Note, allow/block should be enabled for the end users in Global Settings, for those additional options to show in the confirmation page.

Other improvements

You can now submit your outbound messages to port 587 of Sophos Email, in the gateway mode. Earlier, only port 25 was supported.

We have added a capability to detect a compromised mailbox based on the traffic pattern. When we detect so, you will receive an alert asking you to enable Multi-Factor Authentication (MFA) and to request the user to change the password of the mailbox.

We have improved the Impersonation Protection to support more VIP(s). You can now add up to 500 users as VIP(s). Earlier, only 200 users could be added.

Watch the demo video