The mail gateway should have an option to modify email contents to append Hyperlink-URLs in brackets after the hyperlink-text so that it is obvious to recipients' before they click that it’s going somewhere dodgy, even on mobiles.

Currently the TLS certificate seems to only be used for incoming email. Many TLS partners have asked whether it would be possible to present the TLS certificate also for outgoing communication, which is more secure.

With the "File Extension Filter" in the Malware tab one can only block specific file types, although having a white and black list would be a major benefit from a security perspective. We'd like to see the ability to block all file extensions by default for incoming email in combination with a custom whitelist that let's us decide which file types we would want to allow passing through.

Add plugin or client for SPX encryption for Post Office Client
-GroupWise 18
- Webmail Outlook
- Lotus Domino
- GroupWise Web Client

Add option for quarantine emails to be rejected (add in drop down: View, Delete, Release).
This will also inform the sender that his email was rejected if for example the antivirus engine failed to perform a security scan.

Allow custom exim.conf configuration to be added. Exim has alot of flexibility and features that are not available through the web interface, so it would be nice to be able to add your own custom config.

If ipv6 is on, than its also on für smtp. But we get no static IPv6 by Deutsche Telekom AG without a expensive contract; but we get a static IPv4. With no static ipv6 we cant configure the AAAA-Record / PTR /RDNS . So our ipv6-Mails will classified as SPAM because we cant disallow to send mails via ipv6. But we will need ipv6 in the future for VPN-connections.

Allow specific senders to be white-listed for specific recipients

So for example - Whitelist 123@hotmail.com but only for 333@gmail.com, but keep it blacklisted for everyone else.

Feature Request - Support for multiple domains for DKIM on Email Appliances

We have two email domains that send through our clustered email appliances and want to setup DKIM for both domains, however currently the email appliances only support DKIM for a single domain.

We would like the ability to enter more than one selector and private key within the DKIM settings.

The UTM doesn't have an option to send automatically e-mails back to sender if there mails where blocked cause of extensions like .doc or .xls and so on in POP3 Proxy.

It would sometimes very helpful to have the possibility to create an exception for allowing mail with not scannable attachments while having the global option quarantine unscannable and encrypted content enabled.

A development of spam methode is Fingerprinting Spam. Would be nice to have this feature available on Sophos devices. I was advised to raise a feature request by Sophos.

I would like to have the UTM generating reports by grabbing the emails sent as aggragate reports so you would not have to setup agari or such

If users in absence receive e-mail which will be blocked / quarantined by spam engine, sender will not informed about the absence by out of office reply since no incoming e-Mail will trigger the send out of the reply. Would be great to have a solution for that issue.

Allow to configure exceptions for extension blocking for single extensions.

Actually it is only possible to create an exception and disable extension blocking at all. For special recipients it would be helpful to allow for example exe-attachments, but still block all other extensions.

Furthermore it should be possible to create exceptions and combine sender AND recipient address. Actually it is only possible to filter for sender OR recipient address.

if an email is released from quarantine then time of click protection is not applied.

surely an email that was quarantined for some reason is more likely to have bad url's in it needing the TOC protection?

TOC protection should be applied to all quarantine emails either before it is quarantined or after it is released

if an active directory user has an email account which has multiple aliases such as jsmith@domain.com, with aliases of johnsmith@domain.com, john.smith@domain.com, jsmith@domain2.com

if each of the above emails receives an email which goes into quarantine then the user will receive 4 separate emails each with its own list of quarantined emails.

but when the users logins into the quarantine web portal with their windows domain credentials all quarantined emails sit together.

Sophos need to be able to better handle the use of aliases and send digest emails based on the email account not the email address