Need an Outlook Plug-in or some easy method for users to send spam that has reached their inbox to send messages to the provided SpamLearn@ address. Likewise there needs to be an easy method to use the NonSpamLearn@. As another user posted, there is no option to flag these on the quaratine views. What is particularly disturbing is that there is no documented procedure for users to flag delivered messages as spam that I can see.

Add support for clustering on SG, and also the ability to use SQL Server as a database. This will resolve the single-point-of-failure issue with the product, and hopefully help improve performance when dealing with a very large DB.

It would be nice to have an option to add a disclaimer only to the current reply part of an email, so that it is always directly beneath the current reply, instead of being added to the far end of the mail body.

Security Gateway sends statistics reports and only mentions the server name. If you have one domain to monitor then this is no issue. Monitoring multiple domains as administrator it would be nice to see which domain the report is about.
In my case, I monitor multiple domains but only have one administrator selected so I get a per domain report.
In this case you can see which domain needs attention most.

At present, SG users can have one out of three roles:

1) global administrator (rw)
2) domain administrator (domain+ rw)
3) normal user (mailbox rw)

I was asked if it is possible to creare read-only administrator users:

1) global administrator (rw)
1.1) global read-only administrator (r)
2) domain administrator (domain+ rw)
2.1) domain read-only administrator (domain+ r)
3) normal user (mailbox rw)

I really like the MDaemon client's log that can be continually live for administrator viewing.
I would like to see something similar in the SG. I would like to see options for the web client:
1) Length of time to stay connected before auto logging out

Options right on the detail Logs and Messages Logs (All, Quarantine, etc) screens:
2) Automatic Log Refresh (enable/disable checkbox) and refresh interval

Behavior for the Messages Logs (All, Quarantine, etc.)
3) Disable Automatic Logging when any of the Message links are clicked. Uncheck the Automatic Logging checkbox immediately when disabling the Automatic Logging.

When using more than 1 DNSBL service and planning to stop DNSBL lookups after the first found listing, it is important to be able to set the sequence in which the DNSBLs are searched. Right now, the only way to change the sequence is to erase the DNSBL services entries and re-enter them in the desired sequence.
For example:

MyPrivateDNSBL.net
bl.spamcop.com
zen.spamhaus.org

It's not a high priority idea. Just a user friendly touch.

The IP Blacklist and DNSBL actions should have the option to drop the SMTP connection immediately after learning that the source IP is black listed. The reason to drop the connection immediately is to reduce the additional processing that is essentially wasted if the policy is to reject the email.

The Blacklist IPs and DNSBL should be examined ASAP after connection to minimize the time to decide to drop a listed connection. Dropping the listed connection ASAP reduces the chance of an SPAM or SMTP attack from overloading the SG.

Currently the SG does not retain email that it fails to deliver. I propose that there be an option to retain undeliverable email pending review and dispostion by an administrator.
This would be most valuable for initial configurations where the person setting up the system is trying to develop the best setup between the SG and inside email server(s). The Default for this option can be the current behavior to simply clear messages with permanent delivery failure.