Organization Spam Control

Organization Spam Control

Spam Control section provides options to customize the Spam Control options, with custom controls to reject emails or move the emails to 'Quarantine' area from where the administrator can approve or reject the emails.

SPF Verification:

SPF or Sender Policy Framework are the DNS records that define the email servers that are allowed to send emails based on the particular domain.  For incoming emails, the SPF validation is based on the sending domain's published SPF Record and the IP from which the emails are received. In case of a conflict, the SPF validation returns soft fail or fail for the emails. The administrator can choose to 'Temporary Reject' or 'Reject' or 'Allow (Process further)' or 'Move the emails to Quarantine' for the SPF Soft Fail and Fail cases. 

The SPF Soft Fail and Fail are based on the domain's SPF Records set for the domain. 

  • Permanent Reject: To directly bounce back the emails, if the SPF fails/ soft fails based on the option chosen.
  • Temporary Reject: To temporarily reject emails with 4xx errors. The retries will be checked for SPF Again and will be accepted if the sender has corrected or updated the SPF records.
  • Allow: To move the email to further Spam Processing, without rejecting the email.
  • Quarantine: To move the email to the Spam Quarantine, for review by the administrator.

DKIM Verification:

When an incoming email has a DKIM signature in the header, the DKIM validation happens for the email. In case the DKIM is found not valid, then the administrator can choose one of the below actions for such emails.  

  • Permanent Reject: To directly bounce back the emails, if DKIM Validation for the email fails. 
  • Temporary Reject: To temporarily defer the emails. 
  • Allow: To move the email to further Spam Processing, without rejecting the email.
  • Quarantine: To move the email to the Spam Quarantine, for review by the administrator.

Zoho Blacklist (DNSBL)

Zoho maintains a consolidated Blacklist based on User Spam Marking, Abuse patterns and certain third-party blacklists subscribed by us. Similar to SPF and DKIM, the organization administrator can add rules to control the execution of the Zoho Blacklist. The administrator can control the delivery of emails based on his organization's requirements. 

  • Permanent Reject: To directly bounce back the emails, if the sending domain/ email address or IP address is present in the Zoho Blacklist.
  • Temporary Reject: To temporarily defer the emails, if the sending domain/ email address or IP address is present in the Zoho Blacklist
  • Allow: To move the email to further Spam Processing, without rejecting the email. 
  • Quarantine: To move the email to the Spam Quarantine, for review by the administrator. 

DMARC Verification:

DMARC policy is an email authentication protocol built on the widely deployed SPF and DKIM protocols. If there is an authentication failure, and the DMARC policy is set to quarantine, the administrator of the recipient domain can choose one of the below actions to perform on the emails.

  • Allow: To move the email to further Spam Processing, without rejecting the email.
  • Move to Spam: To mark the email as Spam, without any further check.
  • Move to quarantine: To move the email to the Spam Quarantine, for review by the administrator.

Quarantine Messages

The Quarantine is the section, where the emails, which may be considered as Spam due to SPF/ DKIM validation failure or based on Organization or Zoho Blacklist, can be optionally moved for review by the administrator based on Antispam.

From the quarantine, the administrator can select multiple emails and click Deliver to deliver the emails to the Inbox of users. Similarly, to reject the emails, the administrator needs to select the emails to reject and select delete. The administrator can click the email to view the message headers of the email.

You can also search for specific quarantined emails based on the available criteria. The search can be performed based on criteria such as Subject, Sender, To or Cc, Email Content, Attachment Name, Attachment Content or Date. By default, the entire message will be searched. 

A notification email can be sent to the recipient of the quarantined email and a selected admin each time an email is quarantined. From the quarantine, the administrator can select multiple emails and click Deliver to deliver the emails to the Inbox of users. Similarly, to reject the emails, the administrator needs to select the emails to reject and select delete. 

Quarantine Notifications:

When an email is quarantined due to the failure of any of the spam checks, a notification email will be triggered. This email will be sent to the recipient to whom the quarantined email is addressed, and a copy will be sent to one of the selected Admins.

Similarly, when an email that is sent to a group is quarantined, the notification email will be sent to the group moderator. If the group does not have a moderator, it will be sent to the organization admin. 

The notification email will contain details such as the sender of the quarantined email, the email subject, the date and time at which the email was sent and the reason why it was quarantined.

 In the Quarantine Notification section, you can choose whether you want to be notified by email or not, the members who need to be notified, and how often the notification can be sent.

You can also set the frequency at which the check for quarantine emails needs to be performed from the dropdown list.

Notification by email - You can choose whether you want to be notified by email here.

Check for new quarantined emails, once in - Select how frequently you want to receive notification about the quarantined emails.

Notification Email Address - Select the email address to which the notification has to be sent from the list of Admin / Super Admin email addresses.

Whitelist Email/ Domains:

Whitelists can be defined commonly for the entire organization. The administrators can define entire domains or specific email addresses as a Whitelist domain/ email address to make sure that the emails from the domain do not get marked as Spam. However, in case there is an SPF failure, and there is no action set for SPF failure, the whitelist domain/ email will not be marked as 'Not Spam'. In case of SPF failure, the email may be a possible Spoofed Email, and hence the email address/ domain added to the whitelist will not be effective in that case. 

The Trusted Emails List in this section refers to those email addresses that do not have to undergo any spam processing. If you have any email addresses that fall under this category, you can add it here. Any email from these addresses will directly get delivered to the respective mailbox.

The Trusted Domains list in the Whitelist section refers to the domains that do not need to undergo any Spam Processing at all. You can add domains for which you do not want any spam processing to happen in this section. Emails from these domains will directly get delivered to your mailbox. If a domain that you have added in the Trusted Domains list sends a spoofed email, this will also get delivered to the respective mailbox.

In the Trusted IP List you can enter the IP addresses that you would like to Whitelist. Click the Add IP Address button and enter the relevant IP addresses.

This is particularly handy when you know that the sending domain has incorrect SPF/ DKIM settings and you want to allow only these domains from your otherwise strict SPF/ DKIM policies for Spam Control.  

Blacklist Email/ Domains:

Blacklists can also be defined commonly for the entire organization. The administrators can mark entire domains, TLDs or specific email addresses as Blacklist domain/ Blacklist Email address. In these cases, even if the domain passes the SPF test, the email from that domain will be marked as Spam.

The administrator can control the delivery of emails based on his organization's requirements. 

  • Allow Email: To allow the email to reach the recipient's account.
  • Reject: To directly bounce back the emails, if the sending domain/ email address is present in the administrator-defined Blacklist.
  • Quarantine: To move the email to the Spam Quarantine, for review by the administrator. 

In the IP List ​tab you can enter the IP addresses that you would like to blacklist. Click the Add IP Address button and enter the relevant IP addresses.

Note:

  • You will not be allowed to include your domain's TLD to your Organization Blacklist.
  • The IP List options for Whitelist and Blacklist will not be available for organizations in the free plan.

Spam Control Settings:

In your organization Control Panel, you can customize advanced settings with respect to your organization's spam policy. This includes options to alert the user based on the sender of the email, performing spam check on emails after email delivery, spam check based on the email content and the HTML tags present in the email.

To customize the Spam Control Settings for your organization, login to the Zoho Mail Control Panel, go to the Spam Control section and navigate to the Settings tab.

Sender-based Alerts:

Based on the source of the email, you can choose whether you want to alert the receiver of the email. You can set the option based on the authentication of the email, whether the sender is a contact or whether the sender is from your organization.

Unauthenticated - User will be alerted for emails that have not passed the SPF or DKIM verification.

External mails - User will be alerted for emails that are sent by members that are not part of their organization.

Non-contact mails - User will be alerted if the email sender is not a part of their ̄address book.

Post-delivery Spam Checks:

After the email ahs been delivered to the respective mailbox, background spam checks will still be conducted on the email to validate it. During these background checks if the IP is blacklisted or if virus is detected in the email, it will be moved to spam. This can either be disabled, or enabled for all emails or for unread emails alone. If you don't want post-delivery spam checks to be conducted on emails that you have read, you can set the option to 'Unread Mails alone'.

Content-based Spam Settings:

You can set it up such that emails with specific kind of content are marked as spam. Emails containing Macros, Web bugs, Javascript codes or bulk emails can be processed by spam filters based on the content.

HTML Tags:

The HTML tags based Spam Check is to check for emails that have specific tags in the email content. You can choose among the Frame, Object, Embed and Form tags. Emails with the tags that you have selected will be classified as spam.

Note:

The Spam Control Settings option will be available only for paid account users.

Share this post : FacebookTwitter

Still can't find what you're looking for?

Write to us: support@zohomail.com