Sophos Email Security Review

Ever wondered how deep learning AI and email security would work together? Well, wonder no longer! Sophos Email Security is powered by artificial intelligence and takes a proactive approach to quelling threats – even zero-minute attacks can be thwarted before they do any damage.

Sophos is already a big name in the cybersecurity world, with plenty of customers relying on its antivirus software to keep their devices clean and safe. Sophos Email Security promises the same level of security with granular control over incoming and outgoing emails – but is the service better suited to businesses, or can individual users benefit from all that AI intuition?

Our Score
3.5 / 5
Free option
Visit Sophos Email Security


You won't find any prices listed on the Sophos website, unfortunately. The only way to get an idea about how much an Email Security plan would cost is by reaching out to the customer service team for a customized quote.

That's all fine and well... so long as you can confirm that you own your email's domain. If not, and if you're an individual looking to secure your Gmail account, you'll likely have to look elsewhere for a more personal consumer-friendly solution.

I would assume that the Sophos Email Security plans are billed on a yearly basis, with prices fluctuating depending on how many users you'll have using the service. Sophos reiterates that some features, including access to its central managed console, are only available to users who purchase an Email Advanced license.

However, Sophos Email Security does offer prospective users the chance to trial the service for themselves with a free trial.


Sophos Email Security sets itself apart from the herd by utilizing a deep learning neural network to combat malware and spam – and it's this blend of AI and email security that'll pique most users' interest. The neural network can even utilize behavioral analysis to put a stop to zero-day malware (new, unseen threats that are harder to combat). However, the Sophos Sandstorm technology is also capable of alerting users to some of the more common dangers. Sophos Email Security excels when it's sniffing out potential threats in your inbox, in fact; whether it's a bogus phishing scam, an unwanted application, or malicious files disguised as PDFs, Word documents, or executables.

Equally impressive is the fact that Sophos grants its users granular control over data breach prevention policies. So, you can set up multiple rules for groups as well as individual users, and even create specific "allow" lists composed of domains whose URLs you don't want flagged.

In addition, Sophos Email Security comes with the following features:


Sophos makes its home in the United Kingdom, and that isn't great news if you're particularly privacy-minded. The United Kingdom is one of the founding members of the international Five Eyes surveillance alliance, after all, which calls into question the quality and reliability of the privacy Sophos has to offer.

A comb through the Sophos privacy policy also reveals that the service may collect certain bits of data from users, including; IP address, operating system, location, device type and other technical information. Sophos also claims that it may collect information about how your device interacts with its site, too.

As for why Sophos does all this harvesting, it says:

Collecting this data enables us to better understand the visitors who use our site, products, and services, including where they come from and what features are of interest to them. We use this information for our internal analytics purposes, and to improve the quality, relevance, and security of our Site, products and services.

It's not explicitly stated, but Sophos could also be retaining this data in order to comply with any future warrants or requests from law enforcement.

Finally, I was asked to provide a phone number during the sign-up process in order to receive an SMS verification code. I'd rather this wasn't the case, as it feels invasive, and I did receive multiple phone calls from the Sophos Customer Service team in the days that followed, too (it should be noted that you consent to being contacted by the Sophos team when you register for the free trial, but fielding numerous phone calls at all hours of the day was a bit much).

verify your device



Sophos Email Security uses a combination of SPF, DKIM, and DMARC authentication techniques, and can scan email headers for anomalies (by comparing inbound emails and their senders to lists of frequently duped brand names, for example), and analyze display names and lookalike domains.

This is a particularly potent combination of measures that can quickly flag threats or anomalies before they can cause havoc. SPF, or Sender Policy Framework, is used to determine whether an IP address has the authorization to send emails from the domain in question. DKIM, or Domain Keys Identified Mail, can ascertain whether a certain user has sent a message, and whether it's been tampered with in transit. Finally, DMARC, or Domain Message Authentication Reporting & Conformance, has the final say in what happens to messages that fail the SPF or DKIM checks.

Any messages that seem fishy can be blocked or quarantined, or even tagged with a subject line warning.


sophos general settings change encryption

I'm happy to confirm that Sophos Email Security makes the process of encrypting emails incredibly simple. Users have three methods they can use to encrypt their messages and attachments:

Firstly, it's possible to send emails via TLS. This method combines push based email encryption and AES 256-bit encryption to keep your messages safe during transit – meaning nobody will be able to snoop or adjust them on the fly. Opting for TLS also allows users to manage their encrypted emails directly from their regular email client.

Push encryption is another available method, and sees emails encrypted and converted to PDF files. Any attachments are natively encrypted, too. Of course, push encryption is only an option for those users (and recipients) who can read PDF files. Replying to encrypted emails is simple, and is done via the email client and by using the option inside the encrypted PDF.

Portal encryption, the final option that Sophos users can check out, delivers emails directly to Sophos Secure Message. From this central hub, users are able to manage their incoming and outgoing mail in a few clicks... but this handy feature (and thus, portal encryption itself) is only available for those with an Email Advanced license and the Central Portal Encryption Add-on.

If you opt for push encryption or portal encryption, the email exchange process has some extra steps you should be aware of. If you're sending an email to a recipient for the first time, they'll also receive a notification email from Sophos, which will prompt them to create a password to access Sophos Secure Message. The link to this service (contained in the email) will expire after 30 days.

Once the recipient has made their password, they'll be able to check out your encrypted email and any additional files you've attached. It's worth noting that the password the recipient creates can only be used to access emails from the same region as the original encrypted email – so if they receive additional mail from outside the region, they'll need to create another password.

Outlook add-ins

If you prefer to manage your inbox directly from Outlook, you can still make the most of Sophos' security and encryption tools! All you'll need to do is download the Outlook Add-in, and you'll be able to encrypt emails by hitting the Encrypt button in the client.

The Outlook Add-in is available for Windows and Mac devices, and it's also possible to use the add-in with Outlook on the web.

Account security

Sophos Secure Email also gives users the option to secure their accounts with multi-factor authentication (MFA). Whilst MFA creates another step in the logging-in process, it also creates another barrier between your emails and anyone intending to snoop, so opting-in could be well worth it if security is your main concern. Sophos' MFA explains:

When you set up multi-factor authentication (MFA) for Sophos Secure Email, users access their Exchange accounts via your organization's Microsoft 365 sign-in page.

You'll be able to turn MFA on for your organization via Microsoft 365 provided that you're also using Exchange Online. Then, your users will need to turn MFA on on their own devices. This whole process can be rather tricky, and you'll need to alert people to the fact that MFA is even available, but there are plenty of comprehensive guides online that'll walk you through the process.

Ease of use

If you're already using Sophos' antivirus service, you'll be able to manage your Secure Email service from the same Sophos Central console. This is particularly cool, as it keeps your products bundled together and removes the need to endlessly log in and out of services as and when you tweak your settings.

New Sophos Email Security users can get started with the product pretty quickly – you'll just need to be in charge of the domain and DNS records of your email service. Once you're up and rolling, you'll then be able to create domain, group and user-level policies, and even multiple policies for different groups and sets of individual users.

Sophos Email Security is also fully compatible with Microsoft Exchange Online, Microsoft Exchange 2003 (or later) and Microsoft Office 365. The services' email security also works with Google Cloud's G Suite. It's actually possible to make Sophos Email Security compatible with any service that you own the domain and DNS records for by configuring the MX accordingly.

Adding mailboxes is also nice and easy, and you'll be able to import your work via .csv files.

It's also interesting to note that Sophos takes particular care to impact a user's latency as little as possible – a consideration that took me by surprise, but was definitely appreciated. Sophos pre-filters email traffic, meaning it's only the shifty files and malicious mail that gets submitted to Sandstorm, reducing the impact on user performance. Likewise, because Sophos Email Security is a dedicated virtualized cloud environment, there's very little burden on the device network.

The actual installation and setup process of Sophos Email Security was relatively straightforward. I used a burner email and received a link to activate my account within a few minutes. Afterwards, I was prompted to create a strong password, select my Central Admin Portal location, and agree to the terms of use.

Sophos trial is ready

At that point, I was asked to authenticate my login attempt via a secondary method. Being asked to provide additional personal information right off the bat like this was less than ideal, of course, but after forking over my mobile number, I quickly received the PIN number via SMS.

Customer service

When checking out the Sophos customer service, I was happy to see that live chat and email support was available from 8am to 8pm, Monday to Friday. Those times are in EST, however, so you'll need to bear that in mind if you're a customer from across the pond.

Sophos' English-only support staff have been audited and approved by the Service Capability & Performance Support Standard (SCP). If you'd rather speak to a team member in a different language, however, you'll be able to reach out to alternative offices in Spain, Italy, France, Japan and the Philippines.

I got in touch with the Sophos live chat team during my review. The replies I received were courteous and immediate, although the agent couldn't help me with my more technical questions. Instead, I was referred to the technical support hub... which was not the easiest thing in the world to navigate. You'll need a SophosID to create a specific "support case", otherwise, you can use the search bar to hunt down documentation related to your issue.

Sophos knowledge hub

Final thoughts

Sophos certainly knows how to put together a solid security product – and most users will probably already be familiar with the Sophos antivirus and security suites. The email service is just as robust and comes with an impressive array of granular tools, add-ins, and customizable encryption methods; and proactive threat deletion powered by AI is nothing to sniff at, either!

So, if you're a business, Sophos Email Security might be the next big thing for your users. If you're an individual, you're better off searching elsewhere for a product aimed at personal consumers.

All in all, if you're looking for a service that combines AI automation and nitty-gritty security customization, you could do worse than trial Sophos Email Security!

0 User Reviews

Leave a Review

Your comment has been sent to the queue. It will appear shortly.

Thanks for your review!

Written by: River Hart

Originally hailing from Wales, River Hart graduated from Manchester Metropolitan University with a 1:1 in Creative Writing, going on to work as an Editor across a number of trade magazines. As a professional writer, River has worked across both digital and print media, and is familiar with collating news pieces, in-depth reports and producing by lines for international publications. Otherwise, they can be found pouring over a tarot deck or spending more hours than she'll ever admit playing Final Fantasy 14.


There are no comments yet.

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives:

StartMail is a Netherlands based secure email provider, offering 10Gb of storage, unlimited aliases and more.

A straightforward encryption service, with some cracking features, that lets you try before you buy - no credit card details required