product_manager_8

Hi @mathisbilgi , ECOS scans .tar archives so it is surprising it would not scan this one. If you have logging of clean objects turned on in your policy, you can go into Scan Logs and see the detail of the log and it should say what the result and the reason was. There may be cases when it would not be scanned, such as if the archive is password protected. But it would be helpful in diagnosing the problem if you could let us know what the detail says. thank you

There are pros and cons to everything If there is a gateway in front of the mailbox, and the gateway is out of order for whatever reason, the email may not get delivered at all as it could remain stuck at the gateway and would not be forwarded to the mailbox. On the flipside, with API security solutions, if that solution goes down, the email gets delivered, but it wouldn´t be scanned. Of course this is an edge case, but still something to think about.
I don´t know about our competitors but when we onboard a new tenant (which is extremely easy and short), we only request minimal permissions necessary for ECOS to work. And you can also revoke them at any time if you want.

I am not trying to convince you to choose ESET for your mail security, but I want to make sure you make an informed choice. If you decide to go with a competitor, and we end up releasing a gateway in the future, I hope we can win you back as our customer

Hi @Saado ,
there is a toggle switch on the Settings page (see screenshot below) that toggles visibility between all users vs. users that have a valid M365 license. If this user was protected before but his M365 license was suspended, yet ECOS protection was still active, they would still show up in the interface. But once you unprotect them, the filter is applied and they are not displayed anymore. Try turning this toggle switch off and see if the interface displays this user in your list again.

Thank you for your business

Hi and thank you for posting your question.
You are correct, there are some policies that may overlap. Office 365 protection cannot be completely disabled, so you are always partially dependent on the setup in the Office 365 admin panel.
In regards to knowing what policy is applied, think of it in two stages - Firstly, the O365 policy is applied and ECOS comes in after. For instance, if the O365 policy is set up to delete spam right away, ECOS will not even see this email and it can´t therefore even apply any policy and perform specified action. On the other hand, if O365 is set up to let everything pass through, then ECOS will apply policies to emails it receives. Because of Office 365´s design, ECOS acts as a second layer of defense.
I hope this answers your question
 

Hi Mauricio, you could try two things:
There is an option to report spam/malware/phishing in ECOS - it´s under HELP and Submit Sample where you would upload the email and it is sent off for review, so if the email turns out to be SPAM or phishing, it is centrally logged for all future occurrences.

The second option is that if you are also using ESET Endpoint Security on your devices, you can install one of the email client plugins which gives you the option to report SPAM straight from the client, which what I assume you had before. https://help.eset.com/ees/7/en-US/idh_outlook_toolbar.html?idh_config_mailplugins.html