Sophos XG too many Notification IPS and Malware over Mail

Hello,

I am receiving many notifications like

Message:
BROWSER-IE Microsoft Internet Explorer XSS filter bypass attempt

Mostly, when I look it up, it has something to do with some kind of advertisement API from Google or other cloud services. (There are other message types too.)

Now with 60 users my mailbox gets very full in no time, sometimes about 300 notifications in one minute.

First of all, these notifications are not helping much; if I get them, it's probably blocked then, right? And if I want to check it, I would at least need an IP address or computer name of whoever is causing the trouble; after that I would look up what they were doing. So basically I could save some work time if this information was already in the e-mail.

An option to group the mails would be nice too, like if there are 200 mails of the same source/alert type, only one will be sent in the next 5 seconds?

Adding notification exceptions would also be nice, like don't send, or group after a minute, for a specific alert message. (For example, the above one is for Internet Explorer; nobody uses that here anymore, but the IPS scans for all browser types, sadly.)



Edited TAGs
[edited by: emmosophos at 7:01 PM (GMT -8) on 15 Nov 2022]