Knowledge Base

SonicWall Hosted Email Security FAQ


This FAQ covers Email Security: SonicWall Hosted Email Security.



Product Questions: Answers:

1. What is SonicWall Hosted Email Security?

SonicWall Hosted Email Security enterprises superior cloud-based protection from inbound/outbound spam, phishing attacks and malware at an affordable, predictable and flexible monthly or annual subscription price. At the same time, it minimizes upfront deployment time and costs, as well as ongoing administration expenses.

2. How does it work?

SonicWall Hosted Email Security is a pure cloud based service offering superior cloud based protection from spam, phishing attacks and malware. See diagram below to learn about the different techniques used to protect your email infrastructure.

3. Will using the cloud-based service for email decrease my network traffic?

Yes, since spam and viruses are blocked in the cloud and only good email is deliveredto the recipient mail infrastructure, your network bandwidth consumption decreases.

4. How does SonicWall Hosted Email Security stop spam, phishing and other email-based threats?  

The Hosted Email Security service stops Spam, phishing and virus attacks with over 99% effectiveness using multiple proven, patented techniques including reputation checks that check not only a message's sender IP reputation, but also the reputation of its content, structure, links, images, attachments. The technology also provides Denial of Service (DoS) protection and sender validation. Advanced techniques are also used to analyze email content, such as adversarial Bayesian filtering, image analysis and gibberish detection to uncover hidden known threats, and new threats.

5. What malware protection does SonicWall Hosted Email Security provide?

SonicWall Hosted Email Security integrates multiple anti-virus technologies, including SonicWall GRID Anti-Virus, SonicWall Time-Zero, and McAfee Anti-virus technologies, to deliver best-in-class malware protection and email security.

6. Can I configure customizable aggressiveness settings like in your dedicated products?

Yes, aggressiveness settings can be configured at the organization level and also at the per user level.

7. Can I configure whitelists / blacklists?

Yes, whitelists & blacklists are available by email address, domain names or list names.

8. Does the solution provide outbound protection?

Hosted Email Security provides outbound email scanning to safeguard company reputations by identifying - and blocking - outbound traffic from zombies, unauthorized senders and email containing malicious viruses. You can also create policy filters to prevent leakage of confidential information.

9. What happens when my mail server goes down?  Do you store / spool email messages?

The Inbound Spooling feature available on the SonicWall Hosted Email Security solution allows users to spool, or hold, mail when all the customer's receivers are unavailable. Inbound mail is then delivered when the receivers become available. The solution will spool up to 7 days of email.

10. What do I do about false positives?

 In the event that you experience a false positive:
  • If the sender is a business partner, vendor, or organization that you frequently receive email from, you can add their domain name to the whitelist to ensure delivery of their mail traffic.
  • If an individual email is caught as a false positive, you can add that sender's email address to the whitelist. 
  • If the problem persists, then please open a case with SonicWall Support.  Support can analyze the message and provide feedback to the customer.  Please see the SonicWall Support webpage for your local contact details.

11. What should I do if too much spam is getting through?

SonicWall has tuned the Hosted Email Security solution to specifically prevent spam.  However in the event of a rapid new Spam outbreak, SonicWall's GRID Network takes inputs from millions of sensor worldwide and will quickly learn the new Spam pattern.  It makes updates to the GRID Network in real-time.  These updates are immediately available to the Hosted Email Security solution to mitigate a new spam threat.

12. Is there any limit to the size of the email attachments that can be scanned?

There is an enforced message size limit of 100MB.

13. Can you help me troubleshoot my email security solution?

Please refer to the SonicWall Hosted Email Security Product Support page for resources to troubleshoot:
  1. SonicWall Hosted Email Security Administrator Guide.
  2. SonicWall Technical Support's Knowledge Base

14. What languages are supported for presentation of the Junk Box Summaries?

The Junk Box Summaries can be presented in any of the EFIGS (English, French, Italian, German, Spanish) and Chinese (Traditional & Simplified), Japanese, etc. languages. In total we support 17 different languages.

15. Does Hosted Email Security offer an option to integrate with my LDAP server?

Yes, Hosted Email Security offers LDAP server integration support. As users and email distribution lists are defined in your mail server, this information is automatically reflected in your Hosted Email Security instance in real time.
16a. What IP address ranges should I use to connect to my services SMTP delivery and LDAP queries? For NOAM Customers:,  and

For EU Customers:
16b.  Any changes require on my firewall to restrict SMTP relay?   You can block all inbound traffic coming in, on port 25 except for traffic coming from the sources listed in #16.a 

Please note, the IP range applicable to your geographical location.

17. Does SonicWall store inbound customer emails on their servers?

The Hosted Email Security solution normally operates as an SMTP proxy, relaying email directly to your downstream receiver. Unlike some solutions we don't write the messages to disk and then forward. However you can choose to configure the solution to spool email when all of your organization's downstream receivers are unavailable.

18a. When migrating from on-prem to HES, will configurations migrate? Will user allow/block lists migrate? 

Generally speaking, no settings will migrate.
18b.  When migrating from on-prem to HES, will configurations migrate? Are there any configurations that will NOT migrate? Settings will not migrate. They will have to reconfigure from scratch. 
19. When remote users use HES, will they be able to un-junk messages using their phones? (Currently, users must VPN to CO to do this or ask the ES admin to do it for them.) HES users can access the junkbox directly from the WAN as the UI is public facing.
20. How can I setup outbound Send connector on office 365 server side to route all outbound emails through the Hosted Email Security servers?

HES customers who are opting for office 365 in their outbound path need to use the following FQDN in their send connector for routing the emails from office 365 to respective HES outbound path.

All North America registrations should use the following FQDN while setting up outbound in the O365 send connector

NA : usprodoffice365ou.com.outbound.snwlhosted.com

All EU registrations should use the following FQDN while setting up outbound in the O365 send connector

EU : euprodoffice365ou.com.outbound.snwlhostedeu.com

Licensing and Activation Questions: Answers:

1. I am a partner and I want monthly billing ' what are my purchase options?

Partners have the option of buying from annual and multi-year SKUs from distribution or purchasing per user/month/annual directly from SonicWall. To activate already purchased keys or to buy new licenses, go to https://hosted.mysonicwall.com/

2. I am a customer and I want to pay monthly ' when will you have that?

Customers can get per user monthly pricing through an authorized SonicWall re-seller. Please contact your SonicWall re-seller for more details.

3. How do customers and Partners who have purchased Hosted Email Security activate and start using the product?

To activate already purchased keys or to buy new licenses use the below URL. Partners can use their MySonicWall.com username and password to manage multiple customer instances by accessing the below URL.

4. How easy is to activate and provision Hosted Email Security?

Your instance can be activated and provisioned within minutes automatically by accessing the below URL.

5. How to change your MX-record after activating your Hosted Email Security?

When service is activated, SonicWall registers your domain name associating with our own in the Data Center. For example, if your domain name is soniclab.us, we register your domain's (A) record which would be soniclab.us.snwlhosted.com into our block of IP addresses.
For definition of MX record, please go to the link below for more explanation
At this point, you would have to publish the new MX record that we've created with your ISP. In this example, system administrator sets the MX record for Soniclab.us domain with (A) record that we activated. Most ISP provides DNS management web console that allows system administrator to edit the MX record but if not please contact your ISP. Click here for an article for more details.

6. Where should I point my outbound email traffic to enable outbound email protection?

To view the outbound email path please login to hosted.mysonicwall.com and navigate to Registration, click on the domain in question to view the outbound path.
  • For NOAM: [yourdomain].[yourdomain's TLD i.e. .com, .net, .org].outbound.snwlhosted.com
  • For EU: [yourdomain].[yourdomain's TLD i.e. .com, .net, .org].outbound.snwlhostedeu.com
7.  Where should I point my SPF Records?
Sender Policy Framework (SPF) is a simple email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is being sent from a host authorized by that domain's administrators. The list of authorized sending hosts for a domain is published in the Domain Name System (DNS) records for that domain in the form of a specially formatted TXT record. Email spam and phishing often use forged sender addresses, so publishing and checking SPF records can be considered anti-spam techniques.
You can point SPF records as follows:
  • SPF record for NOAM location: include:_spf.snwlhosted.com 'all
  • SPF record for EU location: include:_spf.snwlhostedeu.com 'all
Encryption Questions: Answers:

1. Does your HES offering support Encryption Services?

Yes, the email encryption service is integrated into the Hosted Email Security solution. The email encryption service is an add-on service that needs to be purchased separately and activated. Example, '01-SSC-5078 - SonicWall Email Encryption Service for Hosted Email Security - 10 Users (1 Year).

2. What level of encryption is being supported currently?

AES 256

3. What is the storage space allocated per enduser?

Storage allocation is on a per user basis. Sender or Recipient are each allocated 500 mb.

4. How long are the encrypted messages stored for?

The messages are aged out on a rolling 30 day window

5. Does the current solution support customized encryption templates?


6. Are there any options to cancel the encrypted message before recipient receives it?

Yes. If the message has NOT been read by the recipient, it can be revoked. Even if it has been opened, it can be revoked but it will not expire any already downloaded files or exported files.

7. Can you configure expiration time for encryption key, if the encryption key has expired the message will not open?

No, but you can set a message expiration time where the message itself is unreadable. This is not specific to the encryption key, but occurs at the message level.

8. Can a read notification be sent as soon as the recipient opens the encrypted message?

Yes, this can be configured for from the backend based on company or sender preference.

SonicWall Hosted Email Security FAQ