Sharing Data with Sophos

When this option is enabled, statistical reports are sent to Sophos every five minutes. These reports contain information about the status of your system, the Sophos version, and key mail traffic statistics. These reports, which are based upon log file data, do not contain actual message content, or content that identifies specific mail users.

Version Information

Each report contains the following entries:

Sender IP Information

Each report also contains a one-line entry for each sender IP address. Each line indicates the number of messages that match each of the following criteria:

SophosLabs spam analysts can use this mail traffic data to compile statistics about sender reputation, and create more comprehensive block lists.

SXL Information

The reports also include SXL-related data. SXL is the infrastructure that Sophos uses to submit real-time, DNS-based queries to SophosLabs regarding IP addresses, URIs within messages, and image fingerprints. Queries are triggered when the anti-spam engine has been unable to determine if a message is spam. These real-time lookups are enabled by default and provide minimal latency between the time that Sophos makes new anti-spam data available and when it is available for use by the anti-spam engine. The following data is included in each statistical report: