Organization Spam Control

Organization Spam Control

Spam Control section provides options to customize the Spam Control options, with custom controls to reject emails or move the emails to 'Quarantine' area from where the administrator can approve or reject the emails.

SPF Verification:

SPF or Sender Policy Framework are the DNS records that define the email servers that are allowed to send emails based on the particular domain.  For incoming emails, the SPF validation is based on the sending domain's published SPF Record and the IP from which the emails are received. In case of a conflict, the SPF validation returns soft fail or fail for the emails. The administrator can choose to 'Temporary Reject' or 'Reject' or 'Allow (Process further)' or 'Move the emails to Quarantine' for the SPF Soft Fail and Fail cases. 

The SPF Soft Fail and Fail are based on the domain's SPF Records set for the domain. 

  • Permanent Reject: To directly bounce back the emails, if the SPF fails/ soft fails based on the option chosen.
  • Temporary Reject: To temporarily reject emails with 4xx errors. The retries will be checked for SPF Again and will be accepted if the sender has corrected or updated the SPF records.
  • Allow: To move the email to further Spam Processing, without rejecting the email.
  • Quarantine: To move the email to the Spam Quarantine, for review by the administrator.

DKIM Verification:

When an incoming email has a DKIM signature in the header, the DKIM validation happens for the email. In case the DKIM is found not valid, then the administrator can choose one of the below actions for such emails.  

  • Permanent Reject: To directly bounce back the emails, if DKIM Validation for the email fails. 
  • Temporary Reject: To temporarily defer the emails. 
  • Allow: To move the email to further Spam Processing, without rejecting the email.
  • Quarantine: To move the email to the Spam Quarantine, for review by the administrator.

Zoho Blacklist (DNSBL)

Zoho maintains a consolidated Blacklist based on User Spam Marking, Abuse patterns and certain third-party blacklists subscribed by us. Similar to SPF and DKIM, the organization administrator can add rules to control the execution of the Zoho Blacklist. The administrator can control the delivery of emails based on his organization's requirements. 

  • Permanent Reject: To directly bounce back the emails, if the sending domain/ email address or IP address is present in the Zoho Blacklist.
  • Temporary Reject: To temporarily defer the emails, if the sending domain/ email address or IP address is present in the Zoho Blacklist
  • Allow: To move the email to further Spam Processing, without rejecting the email. 
  • Quarantine: To move the email to the Spam Quarantine, for review by the administrator. 

DMARC Verification:

DMARC policy is an email authentication protocol built on the widely deployed SPF and DKIM protocols. If there is an authentication failure, and the DMARC policy is set to quarantine, the administrator of the recipient domain can choose one of the below actions to perform on the emails.

  • Allow: To move the email to further Spam Processing, without rejecting the email.
  • Move to Spam: To mark the email as Spam, without any further check.
  • Move to quarantine: To move the email to the Spam Quarantine, for review by the administrator.

Quarantine Messages

The Quarantine is the section, where the emails, which may be considered as Spam due to SPF/ DKIM validation failure or based on Organization or Zoho Blacklist, can be optionally moved for review by the administrator based on Antispam.

From the quarantine, the administrator can select multiple emails and click Deliver to deliver the emails to the Inbox of users. Similarly, to reject the emails, the administrator needs to select the emails to reject and select delete. The administrator can click the email to view the message headers of the email.

You can also search for specific quarantined emails based on the available criteria. The search can be performed based on criteria such as Subject, Sender, To or Cc, Email Content, Attachment Name, Attachment Content or Date. By default, the entire message will be searched. 

A notification email can be sent to the recipient of the quarantined email and a selected admin each time an email is quarantined. From the quarantine, the administrator can select multiple emails and click Deliver to deliver the emails to the Inbox of users. Similarly, to reject the emails, the administrator needs to select the emails to reject and select delete. 

Quarantine Notifications:

When an email is quarantined due to the failure of any of the spam checks, a notification email will be triggered. This email will be sent to the recipient to whom the quarantined email is addressed, and a copy will be sent to one of the selected Admins.

Similarly, when an email that is sent to a group is quarantined, the notification email will be sent to the group moderator. If the group does not have a moderator, it will be sent to the organization admin. 

The notification email will contain details such as the sender of the quarantined email, the email subject, the date and time at which the email was sent and the reason why it was quarantined.

 In the Quarantine Notification section, you can choose whether you want to be notified by email or not, the members who need to be notified, and how often the notification can be sent.

Notifications about the quarantined emails, if any, will be sent only once in every 12 hours or 24 hours.

Notification by email - You can choose whether you want to be notified by email here.

Check for new quarantined emails, once in - Select whether you want to receive notification about the quarantined emails every 12 hours or 24 hours.

Notification Email Address - Select the email address to which the notification has to be sent from the list of Admin / Super Admin email addresses.

Whitelist Email/ Domains:

Whitelists can be defined commonly for the entire organization. The administrators can define entire domains or specific email addresses as a Whitelist domain/ email address to make sure that the emails from the domain do not get marked as Spam. However, in case there is an SPF failure, and there is no action set for SPF failure, the whitelist domain/ email will not be marked as 'Not Spam'. In case of SPF failure, the email may be a possible Spoofed Email, and hence the email address/ domain added to the whitelist will not be effective in that case. 

The Trusted Domains list in the Whitelist section refers to the domains that do not need to undergo any Spam Processing at all. You can add domains for which you do not want any spam processing to happen in this section. Emails from these domains will directly get delivered to your mailbox. If a domain that you have added in the Trusted Domains list sends a spoofed email, this will also get delivered to the respective mailbox.

This is particularly handy when you know that the sending domain has incorrect SPF/ DKIM settings and you want to allow only these domains from your otherwise strict SPF/ DKIM policies for Spam Control.  

Blacklist Email/ Domains:

Blacklists can also be defined commonly for the entire organization. The administrators can mark entire domains, TLDs or specific email addresses as Blacklist domain/ Blacklist Email address. In these cases, even if the domain passes the SPF test, the email from that domain will be marked as Spam.

The administrator can control the delivery of emails based on his organization's requirements. 

  • Allow Email: To allow the email to reach the recipient's account.
  • Reject: To directly bounce back the emails, if the sending domain/ email address is present in the administrator-defined Blacklist.
  • Quarantine: To move the email to the Spam Quarantine, for review by the administrator. 

Note:

You will not be allowed to include your domain's TLD to your Organization Blacklist.

Share this post : FacebookTwitter

Still can't find what you're looking for?

Write to us: support@zohomail.com