Skip to content
Last update: 2022-05-03

Email Security

Sophos Email Security protects both inbound and outbound emails against threats such as spam and viruses.

This option is only available if your license includes Sophos Email Security.

Set up Sophos Email Security to protect your domains and mailboxes.

You must choose how to connect Sophos Email Security to your email services. There are two choices:

  • Sophos Mailflow: for Microsoft 365 (formerly Office 365) domains.
  • Sophos Gateway: for on-premises email systems and cloud-based services, including Microsoft 365.

Sophos Mailflow

Sophos Mailflow protects Microsoft 365 emails. It integrates directly with Microsoft 365 with the Microsoft Exchange Connector Services to scan your emails.

Sophos Mailflow uses Microsoft APIs to create mail flow rules in your Microsoft 365 environment. These mail flow rules route the emails to Sophos and back to Microsoft 365.

Setting up Sophos Mailflow is done from Sophos Central. You don't have to makes changes to your DNS settings for domain verification or MX redirection.

To manage email domains after you've set them up for Sophos Mailflow, go to Email Security > Settings > M365 Mailflow Domain Settings / Status.

Sophos Gateway

Sophos Gateway is the established method of protecting your email. It is designed to secure on-premises email environments, and also works with all cloud-based email services, for example Google Workspace. You can use Sophos Gateway with Microsoft 365, but we recommend Sophos Mailflow.

You must change the MX records for your email domains so that your Sophos Gateway can intercept and scan emails before they reach their recipients. You also have to make changes to your DNS.

To manage email domains after you've set them up for Sophos Gateway, go to Email Security > Settings > Domain Settings / Status.

What to do next

Whichever method you choose, the setup process is similar. To set up Sophos Email Security, do as follows:

  • Add mailboxes you want to protect. See Mailboxes.

    If you're setting up Sophos Email Security for the first time, are going to use Sophos Mailflow to connect to Microsoft 365, and you use Microsoft Active Directory (AD), you can ignore this step. You'll synchronize your Sophos Central users and your AD when you add your email domains to Sophos Mailflow.

  • Choose the type of connection you want to make for your email domains, and create the connections.

  • Configure your Policies and Settings. See Email Security Policy.
Back to top