I am currently starting to use Sophos Central Mail. First tests with the end-user quarantine have shown that released mails sometimes end up in the quarantine again after being released by another policy.
Here is the process I am observing:
1. mail (with unscannable attachment) comes in and is scanned
2. email security module quarantines mail because attachment can't be scanned
3. user gets quarantine summary
4. user releases the mail
up to here everything as I expect it but then:
5. data protection module detects the released mail as unscannable and moves it back to quarantine
Maybe I missed the point or it is intentional but my wish is that a deliberately released mail cannot be quarantined by another scan.
Maybe someone can help me.
[edited by: Raphael Alganes at 11:13 AM (GMT -7) on 2 Jun 2023]