Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update Microsoft Secure Score when using M365 Mailflow.


I have noticed that when using the M365 mailflow, that the actions need to be manually mitigated. Is there a outline of all the actions that can be marked as resolved when setting up Mailflow? Can the integration automatically update the score if possible?

This thread was automatically locked due to age.
    Thank you for posting into the Community forum.
    I do not think there is a document yet outlining what happens when setting up mailflow.
    Basically here's a general outline:
    1. An M365 admin gives permission for Sophos to configure M365 so Mailflow can function with its environment. Involves permission to create rules and connectors in M365.
    2. Rules are created. (3 of them) One for making the spam confidence -1 (bypass spam scan in M365) for inbound emails. The other two are for inbound and outbound routing so M365 knows when to or not to use connectors to relay the emails further.
    3. Connectors are created (4 of them) theyre to make sure that emails communications between Sophos and M365 are secure, how to route emails when coming to and from M365 and Sophos.

    It should fairly be the same as the Gateway mode just a bit more though since in mailflow it goes from: M365 to Sophos to M365.

  • I was wondering if it would be possible to setup a feature request for Sophos to update the security score, when configuring the M365 mailflow?

  • Avoid using Mailflow mode like the plague. Nearly every issue we have is due to Mailflow mode. If you can use Gateway mode, this is the way to go.