This release contains bug fixes and improvements.
These are the release notes for Sophos Email Security.
The features mentioned in these release notes are only available if you have the appropriate license.
View the product documentation at Email Protection.
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-37004 | Quarantine | Resolved an issue where the quarantine summary email wasn't sent to the primary account for quarantined distribution list (DL) email aliases. |
| XGE-36985 | Portal Encryption | Resolved an issue where the partner email address wasn't listed in System Email Address and Administrators in the custom branding configuration. |
| XGE-36785 | Secure Message policy | Resolved an issue where some outbound emails were encrypted using Push Encryption instead of TLS, even though the fallback method wasn't configured in the Secure Message policy. |
| XGE-36694 | SAVI | Resolved an issue where Intelix couldn't scan suspected emails marked by the Data Control policy. |
| XGE-36620 | Quarantine | Resolved an issue where users were unable to delete messages from post delivery quarantine. |
| XGE-36614 | Reporting | Resolved an issue where exported reports from Message History displayed an incorrect date. |
| XGE-36598 | Time of Click | Resolved an issue where the Time of Click (ToC) feature didn't rewrite URLs within email images. |
| XGE-36507 | Data control | Resolved an issue where attachments were embedded within the email body rather than being recognized as separate attachments. |
This feature allows you to customize the branding of your encryption portal and encrypted messages. This feature is available if you have a Portal Encryption add-on license. If you don't currently have a Portal Encryption license, please contact your trusted partner or Sophos account manager to purchase it. See Custom Branding.
This feature allows you to control the way encryption is applied to your message. This feature is available to all Sophos Email customers. See Email headers.
| Issue ID | Component | Description |
|---|---|---|
| XGE-36428 | Quarantine | Resolved an issue where customers continued to receive quarantine summary emails after turning off Send a quarantine summary email in Quarantine Summary Settings of their Email Security policy. |
| XGE-36141 | Header Anomaly | Resolved an issue where a header anomaly was detected, even though SPF, DKIM, and DMARC authentication checks passed. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-36333 | Email dashboard | Resolved an issue where users couldn't export reports as PDF files from the Sophos Email dashboard due to a cookie-related UI error. |
| XGE-36105 | Message History | Resolved an issue where Message History didn't return the correct results for partial search terms. |
| XGE-36099 | Mail Routing | Resolved an issue where emails were rejected due to missing mailboxes. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-36104 | Message Processing | Resolved an issue where an email received from an external server wasn't delivered to the customer's mailbox. |
| XGE-35958 | Secure Message policy | Resolved an issue where push encrypted delivery failed for certain domains that only supported TLSv1.2. |
| XGE-35936 | SAVI | Resolved an issue where Intelix scanning failed for emails marked by the Data Control policy. |
| XGE-35922 | Quarantine | Resolved an issue where a user received duplicate quarantine summary emails. |
| XGE-35817 | Quarantine | Resolved an issue where quarantine summaries weren't reaching users from a certain time. |
| XGE-35747 | Audit logs | Resolved an issue where changes to the Email Security base policy weren't audited. |
| XGE-35693 | Push Encryption | Resolved an issue where push encrypted emails failed DMARC checks for a certain domain. |
| XGE-35685 | Mailbox Management/Creation | Resolved an issue where NDRs weren't being generated for emails sent to deleted mailboxes. |
| XGE-35648 | Reporting | Resolved an issue where the Message Summary report showed an incorrect count. |
| XGE-35646 | Country of origin | Resolved an issue where inbound emails were mistakenly quarantined because of an incorrect country of origin. |
| XGE-35409 | End user quarantine | Resolved an issue where some users weren't receiving quarantine summary emails despite having quarantined emails. |
| XGE-35351 | Time of Click | Resolved an issue where embedded button URLs were broken when URL rewriting was turned on in the Email Security policy. |
This new feature enhances customers' anti-spam protection by preventing messages in languages not used for business. See Language detection.
| Issue ID | Component | Description |
|---|---|---|
| XGE-35708 | Message History | Resolved an issue where Message History wasn't displayed in Sophos Email for customers in a specific region. |
| XGE-35410 | Admin Quarantine | Resolved an issue where quarantine messages weren't showing on the Sophos Central dashboard. |
This enhancement allows customers to integrate Sophos Email with Sophos MDR/XDR and detect advanced email threats such as phishing, malware, and ransomware. Read Sophos Email integration.
| Issue ID | Component | Description |
|---|---|---|
| XGE-35406 | SAVI | Resolved an issue where Intelix couldn't scan emails marked by the Data control policy. |
| XGE-35177 | DMARC | Resolved an issue where quarantine summary emails were quarantined due to DMARC failures. |
| XGE-35174 | Data control | Resolved an issue where the Attachment file types (AFT) rule in the Data control policy didn't show custom list options after returning from the Message Attributes dialog. |
| XGE-35165 | Admin Quarantine | Resolved an issue where a customer couldn't delete an email in the Quarantined Messages page due to a prior action taken on the message. |
| XGE-35112 | Email dashboard | Resolved an issue where the dashboard showed no mailboxes for a customer over a specific period. |
| XGE-34979 | Mail Routing | Resolved an issue where auto-forwarded emails were intermittently rejected. |
| XGE-34944 | S/MIME | Resolved an issue where S/MIME encrypted and signed messages with attachments displayed a signature error in Microsoft Outlook. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-35172 | Executive Summary Report | Resolved an issue where Sophos Email reports were stuck in processing or failed to export, resulting in incomplete data and truncated reports. |
| XGE-35155 | Impersonation Detection | Resolved an issue where users couldn't be added to VIP Management due to a search results display limitation. |
| XGE-35149 | Mail Routing | Resolved an issue where inbound emails to an alias domain were rejected. |
| XGE-35122 | Sophos Mailflow | Resolved an issue where adding a Mailflow domain with a Microsoft 365 group failed due to special characters in group names, resulting in an encoding error. |
| XGE-35111 | End user quarantine | Resolved an issue where users weren't receiving quarantine summary emails. |
| XGE-34963 | UI | Resolved an issue where the email filter reset to blank after releasing quarantined messages with Data Control classification. |
| XGE-34720 | Message History | Resolved an issue where advanced search had case-sensitive search discrepancies. |
| XGE-34119 | S/MIME | Resolved an issue where users couldn't upload S/MIME certificates due to invalid email formatting. |
This release contains a bug fix.
| Issue ID | Component | Description |
|---|---|---|
| XGE-34563 | S/MIME | Resolved an issue where S/MIME was incorrectly applied to meeting invites. |
This enhancement allows customers and users to check incoming messages for valid bounce address tags. If a tag is missing, it takes the action you specify. Learn more:
| Issue ID | Component | Description |
|---|---|---|
| XGE-34553 | Delay Queue | Resolved an issue where Multi-Factor Authentication (MFA) emails were delayed despite the sender being added to the allow list, causing these emails to arrive after expiration. |
| XGE-34168 | DMARC | Resolved an issue where emails from a specific domain were quarantined due to DMARC failures. |
| XGE-34141 | Audit logs | Resolved an issue where audit logs didn't capture the removal of a wildcard block entry. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-34457 | Country of origin | Resolved an issue where inbound messages were incorrectly quarantined due to improper country of origin detection. |
| XGE-34255 | Message Summary | Resolved an issue where Message Summary for legitimate messages was inaccurate due to connectivity issues. |
| XGE-34131 | Quarantine | Resolved an issue where the page selector stopped working after releasing a quarantined message. |
| XGE-33939 | Time of Click | Resolved an issue where URLs in the original email were added incorrectly with a newline character, so that the URL rewritten by Time of Click didn't work. |
| XGE-33870 | License usage report | Resolved an issue where users were unable to export the license usage summary report to CSV or PDF formats. |
This new feature allows customers to schedule regular reports in Sophos Email. Customized filtered reports can be scheduled at a set frequency for a set date range. See Email reports.
This Sophos Email release introduces QR Code Protection, which scans for malicious URLs embedded in QR codes. See URL Protection.
This new enhancement allows customers and users to report spam emails through smart banners without blocking the email. See the following references:
| Issue ID | Component | Description |
|---|---|---|
| XGE-33986 | Secure Message policy | Resolved an issue where push encrypted delivery for DL email aliases failed when TLSv1.3 was preferred. |
| XGE-33786 | Country of origin | Resolved an issue where emails were incorrectly quarantined due to wrong country of origin detection based on reverse DNS lookup. |
| XGE-33645 | Emergency Inbox | Resolved an issue where users couldn't download attachments from the Emergency Inbox due to an internal server error. |
| XGE-33212 | Data control | Resolved an issue where emails had an empty SMTP From address because the policy setting takes precedence. Since an empty SMTP From address isn't considered a match, the rule wasn't triggered. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-33900 | Reporting | Resolved an issue where scheduled message history reports failed due to incorrect filtering for "Spam" category emails. |
| XGE-33753 | Smart banners | Resolved an issue where smart banners in forwarded emails routed via Sophos Central were visible to external recipients, causing unauthorized additions to user block lists. |
| XGE-33712 | DMARC | Resolved an issue where the email subject line wasn't tagged because the DMARC policy was mistakenly set to Conform to sender policy instead of Tag subject line. |
| XGE-33474 | Secure Message policy | Resolved an issue where a user tried to import external email addresses or domains using a TXT file but failed. |
| XGE-33439 | Mailbox | Resolved an issue where the Email Security dashboard incorrectly displayed "Unlicensed Mailboxes", despite having licensed mailboxes in Sophos Central. |
| XGE-32647 | On-demand clawback | Resolved an issue where the on-demand clawback feature wasn't working for some users due to changes in the mailbox or license settings in M365. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-33493 | End user quarantine | Resolved an issue where a specific user wasn't receiving quarantine summary messages. |
| XGE-33125 | Audit logs | Resolved an issue where audit logs weren't generating for changes in Email Security policy settings. |
| XGE-32980 | End user allow and block list | Resolved an issue where entries for specific users in the inbound allow and block list weren't consistently visible when filtered by username. |
| XGE-32964 | Smart banners | Resolved an issue where a banner was triggered on the recipient's mail body for S/MIME-signed outbound emails from a specific domain. |
| XGE-32951 | Active directory | Resolved an issue where mailboxes weren't removed from Sophos Email after an email address was deleted in AD during synchronization. |
| XGE-32860 | Post delivery protection | Resolved an issue where connecting Post Delivery Protection through an administrator with a Partner Super Admin role redirected users to the Sophos Central login page. |
| XGE-32855 | Quarantine | Resolved an issue where Message Details wasn't loading in the admin quarantine due to specific attachments in the message. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-33345 | SPF | Resolved an issue where inbound emails that didn't belong to a specific domain weren't blocked, despite having SPF failure set to Reject and header anomaly set to Quarantine. |
| XGE-33278 | Quarantine | Resolved an issue where partners couldn't access bulk mail details in Message History despite sending to around 500 recipients. The page remained blank, causing high memory usage. |
| XGE-33230 | Encryption Delivery | Resolved an issue where outbound emails were mistakenly encrypted using Push Encryption instead of Preferred TLSv1.3, so that recipients had to create unnecessary passwords to view emails. |
| XGE-33211 | Inbound email | Resolved an issue where Sophos Central accepted emails from a specific sender, but the inbound emails weren't delivered. |
| XGE-33108 | Mailbox | Resolved an issue where users with read-only access couldn't search mailboxes due to a missing search bar. |
| XGE-32952 | Email Gateway | Resolved an issue where custom roles with Sophos Gateway permissions failed to load on the Sophos Central People page. |
| XGE-32922 | DKIM | Resolved an issue where DKIM failed for emails sent from a specific Sophos Gateway domain to a Sophos Mailflow domain. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-33264 | Smart banners | Resolved an issue with the smart banner where Chinese characters in inbound emails weren't displayed correctly. |
| XGE-33190 | Quarantine | Resolved an issue where Scan with Intelix didn't appear in Quarantined Messages unless Sophos Central was set to English. |
| XGE-33168 | Sophos Mailflow | Resolved an issue where re-adding a specific domain to Sophos Mailflow doesn't work. |
| XGE-33118 | License usage report | Resolved an issue where customers observed "0 Protected Mailboxes" in the Sophos Central dashboard, and the license usage summary displayed "Unlicensed" for all users despite an active contract. |
| XGE-32967 | License usage report | Resolved an issue where a customer observed empty protected mailboxes in the Sophos Central dashboard. |
| XGE-32888 | Impersonation Detection | Resolved an issue where the VIP impersonation feature wasn't working as expected when a customer used a Hotmail account for two VIP users. |
| XGE-32051 | Email dashboard | Resolved an issue where the dashboard keeps loading for several minutes. |
When you use wild card to configure external subdomain in any email policy, you can make it match either the first-level or all-levels of the email subdomain of external senders.
The new format of quarantine summary enhances the readability and the viewability of quarantine summary, particularly on the smaller screens of mobile phones.
Now, you can save descriptions for the admin allow and block entries. The description field records information about the entry, helping you and your other admin colleagues make sense of the entry in future.
| Issue ID | Component | Description |
|---|---|---|
| XGE-33219 | Sophos Mailflow | Resolved an issue where the customer couldn't add previously connected domains to Sophos Mailflow during connector migration to certificate-based connections. |
| XGE-32644 | Quarantine | Resolved an issue where there were discrepancies in timezone for a specific region, causing quarantine summary messages not to come properly and incomplete email notifications. |
| XGE-32639 | Smart banners | Resolved an issue where the smart banner failed to trigger for certain inbound emails. |
| XGE-32426 | On-demand clawback | Resolved an issue where the on-demand clawback feature isn't working as expected. |
| XGE-32082 | Attachment filtering | Resolved an issue where emails with attached .zip files can't be
opened, and the archive is corrupted after scanning for inbound emails. |
| XGE-32029 | Quarantine | Resolved an issue where users shouldn't be presented with the option to allow emails not bypassed by the allow list. |
| XGE-31969 | License usage report | Resolved an issue where duplicate license IDs appeared in the license usage summary. |
| XGE-31849 | DKIM | Resolved an issue where the DKIM check fails randomly for a specific domain. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-32370 | S/MIME | Resolved an issue where the S/MIME certificate can't be uploaded. |
| XGE-31981 | Smart banners | Resolved an issue where non-breaking spaces are shown in the preview pane even though there's no content in the email. |
| XGE-31307 | Data control | Resolved an issue where the email filter still allows a .zip file,
even though the Data control base policy blocks .zip
attachments. |
This release contains bug fixes and improvements.
As of January 01, 2024, Transport Layer Security (TLS) 1.0 and 1.1 protocols are no longer supported for inbound and outbound email delivery. For details, see TLS versions 1.0 and 1.1 will be disallowed.
Both TLSv1.0 and TLSv1.1 are vulnerable to security attacks and consequently the use of these versions has been removed.
All customers currently using TLS versions 1.0 and 1.1 on their mail servers may experience TLS delivery failure errors if these versions aren't turned off.
| Issue ID | Component | Description |
|---|---|---|
| XGE-31792 | Policy configuration | Resolved an issue where the continue processing icon of a rule incorrectly displayed as inactive, even when turned on. |
| XGE-31768 | Sophos Mailflow | Resolved an issue where Sophos Central continued to receive emails despite the deletion of a user mailbox from AD. |
| XGE-31717 | Message authentication | Resolved an issue where specific emails were randomly deleted due to SPF check failures. |
| XGE-30945 | Allow list authentication | Resolved an issue where some phishing emails, originating from a malicious sender, bypassed security measures by passing the SPF check and triggering the allow list. |
We've enhanced the Data control policy to support granular searches. You can configure a rule to search in the subject, message body, attachment name, attachment content, or any combination of those message parts.
| Issue ID | Component | Description |
|---|---|---|
| XGE-30902 | UI | Resolved an issue where users can't see the message details for specific emails. |
| XGE-30606 | Domain Anomaly | Resolved an issue where a domain anomaly occurred for 6 out of 12 recipients when an inbound email was sent. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-31601 | Sophos Mailflow | Resolved an issue where adding a specific domain wasn't successful in the Sophos Mailflow setting. |
| XGE-31590 | Policy configuration | Resolved an issue where the Data control policy was deactivated and reverted to its default settings due to the unintentional removal of the customer license from Sophos Central. |
| XGE-31300 | Data control | Resolved an issue where emails sent to the domains listed in the DLP rule exclusion were quarantined. |
| XGE-31093 | Data control | Resolved an issue where attachments were embedded in the email instead of being treated as separate email attachments. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-30859 | Secure Policy | Resolved an issue where outgoing emails sent from a specific mailbox to a specific domain always get encrypted. |
| XGE-30848 | Mail Routing | Resolved an issue where many emails are queued for return to M365. |
| XGE-30507 | Sophos NDR SPF | Resolved an issue where NDR messages weren't received for deleted mailboxes. |
| XGE-30123 | Policy configuration | Resolved an issue where the rewritten URLs in plain text and securely signed messages don't work as expected. |
| XGE-29701 | Time of Click | Resolved an issue where Time of Click missed URL detection and didn't rewrite the URL in the email. |
| XGE-29498 | Message History | Resolved an issue where searching for messages to a specific user doesn't always return results. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-31059 | Malware | Resolved an issue where reports marked suspicious by SophosLabs Intelix aren't marked or detected in Sophos Email. |
| XGE-30924 | Mail Routing | Resolved an issue where inbound emails couldn't progress beyond the
Processing status.
|
| XGE-30916 | XGE | Resolved an issue where the Recover To Quarantine Deleted status doesn't come as a link in Message History for different messages. |
| XGE-30857 | End user allow and block list | Resolved an issue where the Release and Allow option doesn't add the user to the allow list. |
| XGE-30465 | Sophos Mailflow | Resolved an issue where it wasn't possible to add a specific domain in Sophos Mailflow. |
You can manually claw back messages from the M365 inboxes of one or more users into the post delivery quarantine of Sophos Email. You must have post delivery protection configured in your account to use this feature.
We've enhanced the quarantine summary feature with the capability to schedule quarantine summary messages for any hour of the day and any day of the week.
| Issue ID | Component | Description |
|---|---|---|
| XGE-30769 | SAVI | Resolved an issue where an email attachment can't be scanned. |
| XGE-30767 | Policy configuration | Resolved an issue where inbound emails were stuck due to a special character found in the DMARC policy and an empty base policy. |
| XGE-30738 | Sophos Mailflow | Resolved an issue where outbound emails were being encrypted due to the Sophos Mailflow Preferred TLS 1.3 or Required TLS 1.2 security method setting being enforced. |
| XGE-30670 | Microsoft 365 S&D | Resolved an issue where the Partner Super Admin couldn't turn on post delivery protection in Sophos Gateway mode. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-30750 | Sophos Mailflow | Resolved an issue where the Sophos Mailflow connection test failed with the
following error message:Something went wrong while fetching M365 connection
status |
| XGE-30591 | Message History | Resolved an issue with the permissions of the Recover Deleted feature. |
| XGE-30409 | Mail Routing | Resolved an issue where inbound emails were accepted for a user that had already been deleted. |
| XGE-30350 | XGE | Resolved an issue with the mail flood detection rate. |
| XGE-30349 | Bulk email rate limit | Resolved an issue with bulk emails reaching the user limit. |
| XGE-30346 | Sophos Mailflow | Resolved an issue where the Sophos Mailflow domain test connection status remained in progress and generated a pop-up error. |
| XGE-29973 | Inbound email | Resolved an issue where inbound emails weren't delivered to a user when a custom Email Security policy was turned on. |
| XGE-29240 | Message Processing | Resolved an issue where an error occurred when editing an attachment with no filename, so that a Data control rule couldn't be applied |
We've improved the reporting capabilities in Message History. Message History now shows you the versions of TLS over which a message was exchanged during delivery and receipt, for both inbound and outbound messages.
| Issue ID | Component | Description |
|---|---|---|
| XGE-30377 | Secure Message policy S/MIME overrides Data control policy triggered encryption | Resolved an issue where S/MIME policy prevented SPX encryption in the Data Control policy. |
| XGE-30375 | Policy configuration | Resolved an issue where the Email Security and Data control policies were saved without specifying a policy name. |
| XGE-30057 | Message Processing | Resolved an issue where processing inbound email took 45 minutes when coming from a specific mailbox. |
| XGE-29995 | Sophos Self Service Portal | Resolved an issue where emails sent to certain shared mailboxes didn't show in Self Service Portal. |
| XGE-29930 | Quarantine | Resolved an issue where the Quarantined Messages page was continuously refreshed. |
Sophos Email provides deeper integration with MDR than other email products, supporting a slew of detections such as account compromise, malware, malicious URL, impersonation, spam, data control, and post delivery protection.
Using this API, you can manually claw back messages from the M365 inboxes of one or more users into the post delivery quarantine of Sophos Email. You must have post delivery protection configured in your account to use this API.
| Issue ID | Component | Description |
|---|---|---|
| XGE-29716 | Policy configuration | Resolved an issue where an outbound email was sent as "Legitimate" when it should have been sent as "Secure message". |
We've added comprehensive message authentication checking options, including SPF soft failure check support. You can now boost your email security against unauthentic sender domains with the new "Domain anomaly" option in "Sender checks".
We've added the "Modify address" option in Data control. You can now change the email delivery address and copy the email to another address using CC or BCC.
We've enhanced Sophos Email to help you manage outbound spam and inbound malware emails that have been deleted. You can now recover them to quarantine to inspect them.
We've added Read-only user quarantine. You can configure your user quarantine as read-only so that users can view quarantined emails but can't release or delete them.
| Issue ID | Component | Description |
|---|---|---|
| XGE-29823 | Scanning Engine | Resolved an issue where Intelix Unscannable emails were being quarantined even when set as a tagged subject from a specific sender. |
| XGE-29497 | Mailflow | Resolved an issue where customers saw a certain type of message with DKIM failure, resulting in DMARC failure in MFR Mode. |
| XGE-29264 | Sophos NDR SPF | Resolved an issue where no NDR (Non-Delivery Report) messages were being received for recently deleted mailboxes. |
We've introduced a new feature, Google Directory Synchronization. You can now synchronize information about your users and groups from Google Directory into Sophos Email.
We've launched a new feature, On-Demand Clawback. You can now remove any message from the M365 mailboxes of users with just the click of a button in Message History. Early access has been provided with M365 post delivery protection turned on.
| Issue ID | Component | Description |
|---|---|---|
| XGE-29800 | Mail Routing | Resolved an issue where encrypted outbound message delivery failed for the julkair.com domain. |
| XGE-29792 | Outbound Relay Control | Resolved an issue where blocking the Microsoft high-risk pool was causing disruptions. |
| XGE-29614 | Admin Quarantine | Resolved an issue where approximately 5,000 emails were released from Quarantine. |
| XGE-29481 | Mail Routing | Resolved an issue where forwarded email was being rejected by Sophos Central. |
| XGE-29454 | Admin Quarantine | Resolved an issue where re-attachment of files from Quarantine doesn't work. |
| XGE-29383 | Outbound | Resolved an issue where there was a problem in adding the Outbound Custom Gateway. |
| XGE-29228 | Message History | Resolved an issue where there was a problem with Message History and Quarantine Message, specifically in cases where search for partial terms in the "Subject" field only worked under specific conditions. |
| XGE-29198 | Scanning Engine | Resolved an issue where emails were being marked as quarantined due to a malicious URL category found, but that URL wasn't available in the emails. |
| XGE-28377 | Data control | Resolved an issue where modifying the content of an empty email wasn't possible due to its content type. |
| XGE-28331 | Time of Click | Resolved an issue where there was a Time of Click problem, specifically one URL that wasn't getting rewritten. |
We've introduced Sophos Mailflow MFR Tamper Alert and Remediation. This feature monitors changes made to the M365 Mailflow rules and connectors and notifies you if any modification impacts your Sophos Mailflow setup. It also applies fixes, saving time and effort for you.
We've enhanced our "Allow/Block List" feature with Admin access to user allow/block. Using this feature, admins can view and manage users' allow and block lists. They can also benefit from enhanced wildcard support, the new CSV export, and advanced search capabilities.
| Issue ID | Component | Description |
|---|---|---|
| XGE-29479 | Mailflow | Resolved an issue where registering two domains under M365 Mailflow Domain Settings/Status wasn't possible. |
| XGE-29476 | UI | Resolved an issue where the M365 Mailflow Domain Settings/Status page didn't show API calls when multiple domains were present. |
| XGE-29274 | Message History | Resolved an issue where messages with UTF-encoded subjects weren't properly displayed in the Sophos Central dashboard. |
| XGE-29235 | Message History | Resolved an issue where you sometimes couldn't go the next page in Message History. |
| XGE-29196 | Quarantine | Resolved an issue where all the quarantine messages weren't showing to all users in the quarantine summary messages. |
| XGE-28968 | Mail Routing | Resolved an issue where a specific inbound message was stuck in the Accepted status on Sophos Central. |
| XGE-28178 | Time of Click | Resolved an issue where two URLs inside the email weren't rewritten by Time of Click in the Sophos Email. |
| XGE-26632 | S/MIME Encryption | Resolved an issue where users couldn't accept or reject S/MIME signed invites processed by Sophos Email. |
We've introduced SMTP Routing. You can now reroute your inbound or outbound gateway messages directly to a mail server using the server's A-record or fully qualified domain name.
We've added Outbound Disclaimer. You can now add disclaimers to your plain text and HTML format outbound messages using Outbound Disclaimer in Email Security policy.
We've introduced Quarantine API. Using Quarantine APIs, you can now perform operations on messages in both email security quarantine and post delivery quarantine.
| Issue ID | Component | Description |
|---|---|---|
| XGE-28993 | Mail Routing | Resolved an issue where inbound message communication for all emails was down. |
| XGE-28989 | TLS | Resolved an issue where an outbound message to one user was rejected due to TLS 1.2 requirements. |
| XGE-28943 | Mailflow | Resolved an issue where users experienced problems with one domain. |
| XGE-28388 | MFR | Resolved an issue where the M365 Mailflow Domain Settings/Status page didn't utilize the full page for many domains. |
| XGE-28066 | Smart banners | Resolved an issue where the Time of Click banner rendered images in emails inaccessible. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-29279 | SMTP Routing | Resolved an issue where users couldn't send outbound messages through Sophos Central, resulting in rejection. |
| XGE-28962 | Admin Quarantine | Resolved an issue where quarantine messages had SMTP From not wrapping within its div. |
| XGE-28744 | Reporting | Resolved an issue where Intelix Threat Summary didn't align with Message History. |
| XGE-28525 | Mail Routing | Resolved an issue where users reported missing inbound messages to the mail server. |
| XGE-28506 | O365 S&D | Resolved an issue where users couldn't view details of messages in post delivery quarantine. |
| XGE-27674 | DKIM | Resolved an issue where DKIM failed for messages from a domain hosted in gateway mode to another in mailflow mode. |
| XGE-27371 | S/MIME Encryption | Resolved an issue where the mail body was altered with S/MIME encryption. |
We've enhanced Quarantine for administrators in Sophos Email Security, allowing you to download, strip, or re-attach attachments from a quarantined message. You can also submit a quarantined message for scanning by SophosLabs Intelix.
| Issue ID | Component | Description |
|---|---|---|
| XGE-28804 | Encryption Delivery | Resolved an issue where outbound messages were getting encrypted as PUSH when they shouldn't be. |
| XGE-28728 | Mail Routing | Resolved an issue where routing randomly failed to return some messages to M365. |
| XGE-28699 | XGE | Resolved an issue where a custom admin with full access to the email gateway encountered an error while editing the Data control policy. |
| XGE-28474 | Mail Routing | Resolved an issue where users were still seeing non-secure emails in logs. |
| XGE-28473 | MFR | Resolved an issue where mailflow domains were showing a "Reconnect" status. |
| XGE-28157 | Data control | Resolved an issue where the "Strip Attachment" function wasn't working with data control, and this issue was reproducible. |
We've added Clone Email Policy. You can now clone any Sophos Email policy. The cloned policy is added just above the policy being cloned. It's best to change the cloned policy for your needs before you enforce it.
| Issue ID | Component | Description |
|---|---|---|
| XGE-28875 | Data control | Resolved an issue where Data control encryption didn't override the secure policy encryption. |
| XGE-28389 | Mail Routing | Resolved an issue where changing the MTA delivery server took 2 hours and 27 minutes. |
| XGE-28382 | MFR | Resolved an issue where inbound messages were stuck with the "Queued for Returned to M365:" message. |
| XGE-28292 | Mail Routing | Resolved an issue where there were discrepancies between secure and legitimate email deliveries. |
| XGE-28284 | Secure Policy | Resolved an issue where some outbound messages weren't encrypted according to the migrated policy. |
| XGE-28282 | SMTP Routing | Resolved an issue where mail was routed to the incorrect next hop. |
| XGE-28229 | Quarantine | Resolved an issue regarding distribution list quarantine. |
| XGE-28204 | Delay Queue | Resolved an issue where messages were sent through Sophos Central. Advanced Email was delayed by more than 15 minutes. |
| XGE-28177 | Data control | Resolved an issue where an access exception was observed in production while reading mail-info for cfs-outbound. |
| XGE-28151 | Reporting | Resolved an issue where exporting message summary reports via Self Service Portal wasn't possible. |
| XGE-27919 | Mail Routing | Resolved an issue where encrypted outbound message delivery was failing. |
| XGE-27903 | Quarantine | Resolved an issue where users reported receiving duplicate quarantine messages. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-28291 | XG Email | Resolved an issue where one specific inbound message failed to deliver for three days due to an exception. |
| XGE-28212 | Allow/Block Filter | Resolved an issue where allow/block cache update was failing for a user. |
| XGE-28169 | Outbound Relay Control | Resolved an issue where mail was relayed with mismatching envelopes and headers from domains. |
| XGE-28020 | Outbound | Resolved an issue where intermittent outbound messages weren't sent from the wynlawpc.com domain. |
| XGE-27879 | Quarantine | Resolved an issue where quarantined messages were being automatically released. |
| XGE-27761 | MFR | Resolved an issue where the "Edit Domain" button was removed, and the "Delete Domain" button was added to the MFR domain page when the outbound destination was set to GApps in the Gateway domain page. |
| XGE-26904 | SPF | Resolved an issue where the SPF check passed in Sophos Email even though the original SPF status was a fail. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-28032 | Resolved an issue where inbound emails were rejected. | |
| XGE-28021 | Quarantine | Resolved an issue where some users weren't able to see all of their quarantined email after a migration. |
| XGE-27901 | Quarantine Summary email | Resolved an issue where some Quarantine Summary emails weren't delivered. |
| XGE-27893 | Email Gateway | Resolved an issue where some outbound emails weren't delivered. |
| XGE-27877 | TLS | Resolved an issue where a TLS handshake error caused some inbound emails to be rejected. |
| XGE-27763 | Mobile email | Resolved an issue where long email subject lines couldn't be viewed on mobile devices. |
| XGE-27177 | Licensing | Resolved an issue where some mailboxes were duplicated in the "License Summary" report. |
We've introduced catch rate for spam. You can set the level (from 1 to 5) using a slider in an Email Security policy.
We've introduced vertical tabs in policy settings to group related settings together and make them easier to manage.
We've introduced a new type of policy that combines the encryption, decryption, signing, and verification features previously managed in Global Settings.
The new Secure Message policy allows you to do the following:
We've introduced a new "Internal" tab in Sophos Email policies. This brings users, groups and domains together, making a clear distinction from their external counterparts.
We've introduced the ability to inspect and modify message headers. You can use rules in Data control policies to do the following:
We've enhanced Quarantine for administrators in Sophos Email Security with the following features.
We've introduced advanced search for the user quarantine and distribution list quarantine features. Last week's quarantined messages are shown by default.
We've added new fields to the Quarantine Summary email, "To" and "Reason".
There's also a confirmation screen which shows details of a message and has options to add the sender to a user's allow or block list.
We've added the capability to detect compromised mailboxes based on traffic patterns. When we detect these, you receive an alert asking you to enable Multi-Factor Authentication (MFA) and ask the users to change their mailbox passwords.
We've also made the following changes to Sophos Email Security.
| Issue ID | Component | Description |
|---|---|---|
| XGE-27611 | MSP licensing | Resolved an issue where some Email Advanced licenses couldn't be assigned to MSPs. |
| XGE-27558 | Email dashboard | Resolved an issue where dashboard went blank after a short period. |
| XGE-27342 | Email licensing | Resolved an issue where license counts in the license usage summary and the licensing report didn't match. |
| XGE-27109 | Message History | Resolved an issue where interactive reporting for emails flagged as impersonation could occasionally be very slow. |
| XGE-26981 | MSP licensing | Resolved an issue where some MSPs were charged for Central Email Standard instead of Central Email Advanced. |
| XGE-26395 | Message History | Resolved an issue where Message History and the Sophos Data Lake didn't match up. This meant email attachments didn't appear in Data Lake search results. |
| XGE-26159 | Smart banners | Resolved an issue where email content could be removed from a forwarded email, if it had a Smart banner. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-27372 | Resolved an issue where some messages were rejected. | |
| XGE-27130 | Message History | Resolved an issue where some messages weren't displayed in Message History. |
| XGE-26992 | Message History | Resolved an issue where some messages were displayed as blank in Message History. |
| XGE-26990 | Smart banners | Resolved an issue where some messages were marked as untrusted instead of external. |
| XGE-25899 | S/MIME encryption | Resolved an issue where some valid public certificates couldn't be imported. |
This release contains bug fixes and improvements.
| Issue ID | Component | Description |
|---|---|---|
| XGE-25952 | S/MIME encryption | Resolved an issue where some incoming S/MIME encrypted messages were empty. |
We've introduced Advanced Search in Message History. You can search messages with combinations of the following:
Note: We're rolling this feature out gradually, so you may not see it yet.
We've introduced new links in Message Details. You can block the email address, domain, or IP address used to send an email.
Note: We're rolling this feature out gradually, so you may not see it yet.
We've introduced a new tab in Message Details which lists the unique URLs in a message. You can now search for URLs in messages.
Note: We're rolling this feature out gradually, so you may not see it yet.
If you use email encryption, you must now configure your mail servers to accept TLS connections, as previously explained in this community post: Strict enforcement of TLS for Encryption.
Note: You must configure your mail servers to accept TLS connections before you configure Email Encryption. See "TLS authentication" in Email Encryption.
| Issue ID | Component | Description |
|---|---|---|
| XGE-26257 | Sophos Mailflow | Resolved an issue where Sophos Mailflow didn't work if a domain was disconnected, then reconnected. |
We've introduced the Message History API. All Message History data will now be available in the Sophos Data Lake. We've added new queries in Live Discover to take advantage of the expanded email data set.
Please note that although we've started collecting Message History data in the Data Lake, it can take up to 30 days for all the data in Message History to appear.
We've enhanced the policies in Sophos Email so that you can apply a policy to external domains and mailboxes, not just those of your organization. You can do this in Email Security policies, and Data control policies and rules.
There's a new "External" tab in the policy interface. By default, the option "Include all" is selected, so your existing policies will continue to behave as they did before. You can include or exclude a list of email addresses and domains to which the policy or rule will apply.
Although HTTP/1.1 doesn't specify any URL length limit, Microsoft Outlook doesn't support URLs longer than 2048 characters. Outlook truncates the URL so the email recipient can't use it.
We've enhanced the Time of Click feature so that URLs rewritten by Time of Click no longer exceed Outlook's limit.
| Issue ID | Component | Description |
|---|---|---|
| XGE-25641 | Data control | Resolved an issue where inbound HTML emails without attachments were incorrectly blocked. |
We've started rolling out new Sophos Delivery CIDR IP ranges for the new domains added after the announcement on May 24, 2022. See Sophos Central Email: New delivery IP addresses.
| Issue ID | Component | Description |
|---|---|---|
| XGE-25655 | Quarantine | Resolved an issue where some released messages weren't delivered to users' mailboxes. |
| XGE-25639 | Message Details | Resolved an issue where users couldn't view the "delivery failed" status in the default browser size if language was set to German. |
| XGE-25473 | Time of Click | Resolved an issue where the formatting and spacing in some emails was ignored when the message was passed on to the user. |
| XGE-25501 | Sophos Self Service Portal | Resolved an issue where if the user had a mailbox and an alias, their emails weren't delivered to the Emergency Inbox. |
We've launched interactive reporting. You can click any linked count on the email security dashboard and email reports. This takes you to a report to see more details on that count.
For example, at the top of your dashboard, you see a statistics ribbon showing key statistics for your account. You can click each count on the ribbon.
As part of interactive reporting, we've made significant improvements to email reports as follows:
You can go back to the old dashboard for a few weeks after you're upgraded.
| Issue ID | Component | Description |
|---|---|---|
| XGE-25641 | Sophos Mailflow | Resolved an issue where Sophos Mailflow setups with Microsoft 365 groups fail with the error that rules couldn't be updated. |
| XGE-25541 | Data control (formerly Data Loss Protection) | Resolved an issue with releasing emails quarantined by a Data control policy. A small number weren't delivered after being released. |
| XGE-25499 | Outbound email | Resolved an issue with delays in sending some emails. |
| XGE-25455 | Sophos Mailflow | Resolved an issue where email subdomains couldn't be registered for use with Microsoft 365. |
| XGE-25341 | Post Delivery Protection | Resolved an issue where occasionally post delivery protection didn't provide full information about processed emails. |
| XGE-24033 | Data control (formerly Data Loss Protection) | Resolved an issue where Data control policies sometimes weren't processed
correctly if the message header had the value
Content-Type: attachment.
|
| Issue ID | Component | Description |
|---|---|---|
| XGE-24941 | Mailflow | Resolved an issue where Admins couldn't add domains to Sophos Mailflow. |
| XGE-25254 | Inbound email | Resolved an issue where emails with attahcments but no body text weren't processed correctly. |
| XGE-25292 | Sophos Self Service Portal | Resolved an issue where the SSP portal showed "Release and Allow" and "Delete and Block" even if "Allow/Block list" was disabled. |
We've launched custom branding for encryption for customers with the portal encryption license. Customers can use their organization's logo to brand portal encrypted messages, push encrypted messages, and the encryption web portal. They can also customize notifications with their organization's address and contact information, customize recall messages, and allow recipients to sign in with social media connectors. These features and more are listed in the provisioning form. Please ask your account manager or partner for the provisioning form to apply for custom branding.
We've upgraded our malware detection and categorization to give you more choices for handling emails.
| Issue ID | Component | Description |
|---|---|---|
| XGE-24971 | Content Filter | Resolved an issue where a blank space was added to the subject lines of emails sent from Sophos. |
| XGE-24925 | Impersonation Detection | Resolved an issue where impersonation detection didn't create an alert. |
| XGE-24353 | Mailbox Management/Creation | Resolved an issue where end users didn't receive the Welcome and Setup email for Sophos Self Service Portal. |
| XGE-25217 | Quarantine summary | Resolved an issue where some users didn't receive their quarantine summary emails. |
As of January 01, 2024, Transport Layer Security (TLS) 1.0 and 1.1 protocols are no longer supported for inbound and outbound email delivery. For details, see TLS versions 1.0 and 1.1 will be disallowed.
Both TLSv1.0 and TLSv1.1 are vulnerable to security attacks and consequently the use of these versions has been removed from many servers.
All customers currently using TLS versions 1.0 and 1.1 on their mail servers may experience TLS delivery failure errors if these versions aren't turned off.
See Sophos Email Known Issues list for a full list of known issues with Sophos Email.
You can find technical support for Sophos products in any of these ways:
Copyright © 2025 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos and Sophos Anti-Virus are registered trademarks of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.