Unplanned Outage: Due to a technical glitch, customers might see higher wait times on Sophos Call Lines. We request for your kind cooperation. Please prefer logging a case via Sophos Support Portal, unless the situation is critical for you.

Sophos Email: Whitelist sophos.com in O365 ATP to prevent ATP from automatically releasing emails from quarantine

Overview

Sophos recommends that its domain (sophos.com) be whitelisted in Advanced Threat Protection (ATP) of Microsoft Office 365 to prevent ATP from automatically triggering links in Quarantine Summary sent by Sophos Email.

Applies to the following Sophos products and versions

Sophos Email

Impact

If not whitelisted, ATP can trigger links in the Quarantine Summary, thereby automatically releasing the emails from the quarantine. Automatically releasing quarantined emails can compromise the security provided by Sophos Email, since they can be unwanted.

What to do

Whitelist the domain of Sophos by making the entry *.sophos.com under the Default ToC Protection settings of the Safe link policy in Advanced Threats section of Office 365 – refer to the following screenshot.



Changed the title from "Sophos Email: Prevent automatically releasing emails from quarantine" to "Sophos Email: Whitelist sophos.com in O365 ATP to prevent ATP from automatically releasing emails from quarantine"
[edited by: DominicRemigio at 2:13 PM (GMT -7) on 29 Sep 2020]
Parents Reply Children
No Data