In the last few months there have been quite a few new features in Cental Email. I have listed some here and for most of them there is a video explaining everything.
Message History – Advanced search and improvements
With this release, Sophos brings advanced search capabilities to the message history for the Central Email Service. The advanced search allows users to search for emails based on various criteria such as sender email address, recipient email address, subject, message size, attachment and DSN (Delivery Status Notification) code. It is required that at least 3 characters are entered in a field in order to search. Fields can also be left blank to exclude them from the search criteria. The basic search will become obsolete after a certain time and will be removed.
In addition to the advanced search, improvements have also been made to the message history. In the message details, the option to block sender addresses or sender domains has been added. In the “Block IP address” option, the domain name of the IP address is now displayed via the reverse DNS (Domain Name System) query. This helps to assess the impact of IP address blocking and prevents unintentional blocking of IP addresses used by multiple sources, such as Google (Gmail). A new “URLs” tab has also been added to the message details page, which lists unique URLs in the message and is searchable.
More information: Message History – Advanced Search and Enhancements
There is a new interactive reporting feature that makes reports consistent and granular and greatly improves the user experience of the dashboard and reports. The new dashboard shows improved statistics and key metrics for incoming and outgoing messages.
The activity summary for incoming and outgoing messages has been updated to arrow graphs showing the direction of email flow. The arrow graphs show messages in the order of scans performed.
The Data Control Chart (formerly called DLP) has been updated to show a split between incoming and outgoing messages in the pie chart on the left and further categorisation of messages by data control rule type in the pie chart on the right.
The report data can also be exported in CSV and PDF format. It is also possible to sort the report data by any desired column. The user can now interact with any linked value in the dashboard or in other reports by clicking on the value to navigate to a report where more details about the value are displayed.
Graphics are difficult to describe in text, however, so here is a video explaining the innovations.
More information: Interactive Reporting
Sophos Email has improved its policies so that they can also be applied to external domains and mailboxes. This capability has been added for both email security and data control policies.
To use this function, a new tab is added to the policies called “External”. The default option is “Include all”, so existing policies will continue to work as usual. However, it is possible to customise policies to either include or exclude a list of email addresses and domains to which the policy should apply. It is also possible to import a list of external email addresses and domains in CSV or TXT format to populate the include or exclude list to which the policy is to be applied.
External domains/mailboxes should be configured in the policy to apply the policy only to messages exchanged between the external domains/mailboxes and the group of internal users, groups or domains. In this way, the policy can be customised more granularly to meet the privacy or data control requirements for these messages. For example, if S/MIME is to be applied to all messages exchanged between a group of users from one’s own organisation and a group of users from a partner organisation, the domains or mailboxes of the partner organisation must be listed under the External tab and one’s own users under the Users, Groups or Domains tabs.
The new functions are also explained in the following video.
More information: Policy Enhancement
Enhanced Time of Click Protection
HTTP/1.1 (Hypertext Transfer Protocol) has no requirements for the length of URLs. However, various Microsoft products do not support URLs that exceed a certain length. Microsoft Outlook does not support URLs longer than 2048 characters. This restriction has caused inconvenience to users when URLs rewritten by Time-Of-Click have exceeded the length limit. The URL was shortened by Outlook and thus rendered unusable.
The Time-Of-Click function has now been extended to address the length restriction of URLs in an efficient way. You will notice that URLs that are rewritten by Time-Of-Click no longer exceed the length limit.
Stricter enforcement of the TLS connection
Sophos Email introduced stricter enforcement of the TLS connection for accounts that were configured for encryption. This increased the level of security. This improvement worked well for the vast majority of customers. However, a handful of customers who did not have TLS configured on their local mail servers experienced interruptions in email traffic. To help these customers with the changeover, we have temporarily reversed the changes.
Impact: If you had not configured your mail server to accept a TLS connection but had configured encryption in Sophos Email, you received the error message “TLS Delivery Failed”. This has now been fixed on 26.10.2022 and requires an adjustment in the configuration at most.
More information: Strict enforcement of TLS for Encryption
Message History API
Sophos has introduced a new feature called the Message History API. This feature allows the collection of message history data from the Sophos Central XDR Data Lake and the retrieval of this data via this API. The Message History API extends the existing datasets in the Sophos Email XDR Data Lake and enables the search and analysis of different message types, such as impersonation emails or spam, based on attributes such as sender, recipient, attachment or URL. An XDR or MDR licence is required to use this feature.
Mehr Informationen: Message History API