Reflexion will be End-of-life on March 31,2023. See Sophos Reflexion EoL FAQs to learn more.
Can we allow a specific user to be able to Release Emails from Quarantine instead of Administrator ?
I know that in the UTM9 Admin portal setting we can declare a user as Admin and then the said suer would be able to manage the settings etc however is there a way , we can declare just one another user to release Emails from Quarantine.
Sínce in Quarantine report- release options if we allow for e.g. specific file types to be allowed to be released by users that means it is a a Global Setting and we cannot define that only one specific user should have the said setting.
We use that feature for our hotline users helping our customer's endusers.
Management / WebAdmin Settings / Access Control
There create a new role and assign the "Mail Manager" and "Mail Protection Manager" (if they should be able to change settings like creating exceptions) and assign the user. The user has then to login via WebAdmin (Port 4444 by default) and sees a limited view of the SGs menus.
Sophos CE/CA (XG, UTM, Central Endpoint)Gold Partner
Hi Thanks alot.
So we already have a admin user with super user capabillities, would it be posisible to set a new user with only mail manager capabillities and not the other Sophos config changing capabillities ? Thanks in advance.
That new role should not be assigned to the default admin user.
Think of the new user as a "helpdesk" user with limited rights instead. You can create a local user for that purpose as well as use a directory (AD/LDAP) user.
Thanks alot just to be clear This new user "Role" would only have limited rights if we assign the "Mail Manager" or "Mail Protection Manager" capabillities ?And would not have any other advanced rights as admin has, right ? unless explicitly specifiedThanks a million for the help.
Hi , I checked the said solution and yes it is posisble, Thanks , the only question is , if lets say the User A now has the role Email protection manager in his profile and can release Emails , but the User A can see all Emails , can we restrict in any way that User A could only see his Emails when he has the Email Protection Manager role assigned ?Thanks , would appreciate your response.
Hallo Ali and welcome to the UTM Community!
User A would be able to see all of the emails in the Quarantine. On the 'SMTP Log' tab, he will see the from, subject and to for recent emails, but will not be able to access the content of the delivered emails.
Cheers - Bob