SPX Encryption > Receiver Password Portal Setup & Reset
A way to remove the need for Password Notifications send to User, Administator or Other. An external facing portal page that allows a notice to be sent to the receiver for them to register w/ e-mail verification to setup to access their password for the SPX attachment. Basically allowing a local service similar to Cisco RES for messages sent from your Sophos UTM. Obviously, this could be limited in that if a per-email password is used by the sender it would not be able to work. Also a password reset would only work for future e-mails as the PDF is already encrypted that was sent out.
I also agree with this, I overlooked this post when I created my own here: http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/6035314-spx
We also just moved a 1000+ user client from the email appliance to the SPX UTM encryption and found out this was a huge step backward! Managing password for recipients is a giant hassle for the users and IT having to constantly reset passwords and explain to senders and recipients both that the old attachments are no longer valid.
Barry Jones commented
Having moved to UTM from Sophos ES1000 for email filtering the version of SPX is a backward step as the SPX portal on the ES1000 allowed the recipient to create an account, set challenge questions for password changes and set their own password. The UTM version requires the email sender to communicate the password to the recipient via a secure method which is not an ideal solution and could easily fall into the wrong hands. Come on development bring the products into line
Rob D commented
I totally agree with this - one of our clients (100+ users) relied on the SPX receiver portal, moved over to UTM and shocked to find it not there.
Bob Alfson commented
This really needs to get into 9.3!
There definitely is a need to make the portal functionality match at least what the standalone Sophos Mail Security Appliance allows; we should have the option to allow recipients reset their own portal access passwords, etc. ... having to use another out-of-band method to send decrypt passwords each time (Might as well have to, since most recipients will not record what their per-user decrypt passwords are anyway).