Overview
Sophos recommends that its domain (sophos.com) be whitelisted in Advanced Threat Protection (ATP) of Microsoft Office 365 to prevent ATP from automatically triggering links in Quarantine Summary sent by Sophos Email.
Applies to the following Sophos products and versions
Sophos Email
Impact
If not whitelisted, ATP can trigger links in the Quarantine Summary, thereby automatically releasing the emails from the quarantine. Automatically releasing quarantined emails can compromise the security provided by Sophos Email, since they can be unwanted.
What to do
Whitelist the domain of Sophos by making the entry *.sophos.com under the Default ToC Protection settings of the Safe link policy in Advanced Threats section of Office 365 – refer to the following screenshot.
Added tags
[edited by: Raphael Alganes at 1:31 AM (GMT -7) on 8 Jun 2023]