Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 4 subscribers
  • Views 1161 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Optional Notification to sender or receiver if an email gets quarantined

Aleksandar Pavic

So I've seen that such feature is decided not to be developed, based on similar forum thread.

https://community.sophos.com/utm-firewall/f/mail-protection-smtp-pop3-antispam-and-antivirus/75522/notification-to-sender-if-an-email-gets-quarantined

However, such feature should be optional.

Email is used by non-professional IT users, and they have hard time figuring out that somebody like other business user from other corp sent them email with attachment which was quarantined and not released...



This thread was automatically locked due to age.
  • 0

    Ćao! Aleksander and welcome to the UTM Community!

    It's been a long time since I tested it, but I recall that if the Quarantine Report is not activated, every quarantined email causes an email to be sent to the recipient with information about the quarantined email.  I prefer to activate the Quarantine Report.  If having the Report generated more than twice a day is needed, cron jobs can be created to accomplish that.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0

    Please clarify the direction message flow:

    External user to inbound user, UTM quarantines the inbound message?

    Notification to internal recipient?  this is handled by the quarantine reporting that Bob Alfson mentioned

    Notification to external sender?  This is unwise

    or

    Internal user to external user, UTM quarantines the outbound message?

    Notification to internal sender?   I am unsure whether this is possible.

    My recommendation is to have all quarantine evaluations performed by a system administrator, not an end-user, so even the quarantine report becomes unnecessary.   For inbound messages, users are poorly equipped to judge whether a message is legitimate or fraudulent.   For outbound messages, the system manager needs to explain to the user why the message violated policy, or needs to verify that the source computer is not infected.

    Doug Foster

Unfiltered HTML