Exclude entries from Inbound allow list from Enhanced Email Malware Scan?

Hey Sophos Team and Sophos Community,

an entry on the Inbound allow list does not exclude the mails sent by our mail server to bypass the Enhanced Malware Scan by Sophos when we have files attached.

Is there a way to exclude entries from inbound allow list from Enhanced Email Malware Scan (ideally without disabling EEMS as a whole for all  regular mails).

This would make my work a lot easier. Otherwise, I will have to bypass Sophos as a whole, which is possible, but requires triple the communication and paperwork.

Looking very much forward to some ideas or insights.

EDIT:

The menu entry "e-mail policy" allows me to edit the Base Policy - Data Loss Prevention. I can add domains there which should exclude the mails from this sender from the scanning process. Unfortunately it doesn't work like I thought.

My mails with attachments still go through Intelix Threat Analysis, and it deletes them. How do I create rules or policies or exceptions for that? I know I can disable that as a whole, but that is not my goal. I want certain mail servers to basically have a get out of jail free card.



Updated the post with new findings and new questions
[edited by: Luk123 at 8:18 PM (GMT -7) on 17 Jun 2022]
Parents Reply Children