This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allow a specific user to Release Emails from Quarantine

Can we allow a specific user to be able to Release Emails from Quarantine instead of Administrator ?

I know that in the UTM9 Admin portal setting we can declare a user as Admin and then the said suer would be able to manage the settings etc however is there a way , we can declare just one another user to release Emails from Quarantine.

Sínce in Quarantine report- release options if we allow for e.g. specific file types to be allowed to be released by users that means it is a a Global Setting and we cannot define that only one specific user should have the said setting.



This thread was automatically locked due to age.
Parents
  • We use that feature for our hotline users helping our customer's endusers.

    Management / WebAdmin Settings / Access Control

    There create a new role and assign the "Mail Manager" and "Mail Protection Manager" (if they should be able to change settings like creating exceptions) and assign the user. The user has then to login via WebAdmin (Port 4444 by default) and sees a limited view of the SGs menus.

    Regards,

    Kevin

    Sophos CE/CA (XG, UTM, Central Endpoint)
    Gold Partner

  • Hi Thanks alot.

    So we already have a admin user with super user capabillities, would it be posisible to set a new user with only mail manager capabillities and not the other Sophos config changing capabillities ? Thanks in advance.

Reply Children
  • That new role should not be assigned to the default admin user.

    Think of the new user as a "helpdesk" user with limited rights instead. You can create a local user for that purpose as well as use a directory (AD/LDAP) user.

    Regards,

    Kevin

    Sophos CE/CA (XG, UTM, Central Endpoint)
    Gold Partner

  • Thanks alot just to be clear 
    This new user "Role" would only have limited rights if we assign the "Mail Manager" or "Mail Protection Manager" capabillities ?
    And would not have any other advanced rights as admin has, right ? unless explicitly specified
    Thanks a million for the help.

  • Hi , I checked the said solution and yes it is posisble, Thanks , the only question is , if lets say the User A now has the role Email protection manager in his profile and can release Emails , but the User A can see all Emails , can we restrict in any way that User A could only see his Emails when he has the Email Protection Manager role assigned ?
    Thanks , would appreciate your response.

  • Hallo Ali and welcome to the UTM Community!

    User A would be able to see all of the emails in the Quarantine.  On the 'SMTP Log' tab, he will see the from, subject and to for recent emails, but will not be able to access the content of the delivered emails.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA