Device Configuration : Protect : Email : Encryption
Encryption
This feature requires a subscription in Sophos XG Firewall. It can be configured but cannot be enforced without a valid Email Protection subscription.
Mode Switch option
Select the mode from the following for which you want to apply SPX Configuration and manage SPX Templates:
MTA
Legacy
SPX Configuration
Default SPX Template
Select the default SPX Template. SPX Templates can be created from Device Configuration > Protect > Email > SPX Encryption . Default Template is used if any user explicitly SPX-encrypts an Email and no template is selected in Content Scanning Rule.
User can SPX-encrypt an Email by:
Manually setting the Email header X-Sophos-SPX-Encrypt to yes.
Installing the Sophos Outlook Add-on and clicking Encrypt before sending the Email.
If Default SPX Template is selected as None, then SPX encryption is not applied on Email.
Allow Secure Reply for
Enter the maximum time (in days) in which recipient can securely reply to an SPX-encrypted email using the SPX Reply Portal.
Keep Unused Password for
Specify the expiry time in days of an unused password.
For example, if Keep Unused Password for is set to 30 days, then password will expire at 0 o'clock after 30 days from being generated if no SPX encrypted message was sent for a specific recipient.
Default: 30 days
Allow Password Registration for
Specify the time in days after which the link to Password Registration Portal expires.
Default: 10 days
Send Error Notification To
Specify whom to send a notification when an SPX error occurs. Select Sender Only to send notification to the sender or select Nobody if you do not want any notification to be sent. Error messages will always be listed in the SMTP log.
SPX Portal Settings
Hostname
Specify the IP Address or Domain on which Password Registration Portal is hosted.
Allowed Network(s)
Specify the networks from which password registration requests will be accepted.
Port
Enter the port on which the SPX reply portal should listen.
Default: 8094