Email Security

Sophos Email Security protects both inbound and outbound emails against threats such as spam and viruses. Set up Sophos Email Security to protect your domains and mailboxes.

You must choose how to connect Sophos Email Security to your email services.

There are two choices.

Sophos Mailflow

Sophos Mailflow protects Microsoft 365 emails. It integrates directly with Microsoft 365 using Microsoft Exchange Connector Services to scan your emails.

Sophos Mailflow uses Microsoft APIs to create mail flow rules in your Microsoft 365 environment. These mail flow rules route emails to Sophos and back to Microsoft 365.

You set up Sophos Mailflow from Sophos Central. You don't need to change your DNS settings for domain verification or MX redirection.

To manage email domains after you've set them up for Sophos Mailflow, click the Global Settings icon . Go to Products and Services > Email and click M365 Mailflow Domains.

Sophos Gateway

Sophos Gateway is the established method of protecting your email. It's designed to secure on-premises email environments, and also works with cloud-based email services, such as Google Workspace.

You must change the MX records for your email domains so that Sophos Gateway can intercept and scan emails before they reach their recipients. You also need to change your DNS.

To manage email domains after you've set them up for Sophos Gateway, click the Global Settings icon . Go to Products and Services > Email and click Gateway Domains.

What to do next

Whichever method you choose, the setup process is similar.