| Table of Contents | ||||
|---|---|---|---|---|
|
Summary
Configuring Your VIP List
...
Every message with an INKY banner contains a “Report This Email” link which allows your end-users to report emails as either safe, spam, or phishing. These reports are sent to INKY’s security operations team and optionally a local administrator (as discussed under Custom Reporting Email Notifications). Every report INKY receives is carefully reviewed and analyzed to determine if an update to our models is applicable. INKY encourages all users to report incorrectly bannered messages when possible, as this strengthens our detection capabilities and reduces the potential for false positives.
The User Reporting tab under Settings in your INKY Dashboard allows administrators to configure how long reported messages are stored in INKY, an optional recipient to receive user reports, and the option to enable enhanced reporting for end-users.
Reporting Options
The following settings are configurable:
Setting | Description |
|---|---|
Save raw message data, encrypted at rest, to allow faster and more actionable response to feedback. | Enabling this option provides an unprocessed copy of your incoming mail to INKY’s SOC team. Messages are encrypted in a way that even INKY employees cannot decrypt until a user explicitly reports the message. |
Keep encrypted raw messages for: 3, 5, 7 days | The length of time INKY stores an unprocessed copy of your messages. |
Always send raw messages (if available) to Inky for analysis (i.e., do not allow end users to opt-out for specific messages) | Messages reported to INKY will always include the original, unprocessed message (if available). |
Allow end users the option to authenticate on the Report This Email page to unlock enhanced reporting capabilities. | Users signed in with Microsoft 365 or Google Workspace as the recipient of a reported message, a user can choose to have reported spam or phish automatically deleted from their mailbox. They can also choose to automatically block (i.e., send to quarantine) all future mail from unwanted senders. These Block Sender settings apply on a per-user basis and can be viewed on the Block List by checking the "User-Specific" box. A user can review their settings on the User Dashboard. For more information about this feature, please see <INSERT HYPERLINK HERE> |
Custom Reporting Email Notifications
Administrators who wish to receive user-reported messages can add one or multiple email addresses in this section. Multiple addresses must be separated by a comma.
...
Setting | Description |
|---|---|
Attach original raw message inside a .zip (application/zip) file. By default, the original mail will be attached as an RFC822-formatted .txt (text/plain) file. This is due to the fact that some mail systems automatically process/reformat incoming .eml attachments. | Reported messages will arrive to the specified recipient as an .EML inside a .ZIP file. |
Attach original raw message as a .eml (message/rfc822) file. By default, the original mail will be attached as an RFC822-formatted .txt (text/plain) file. This is due to the fact that some mail systems automatically process/reformat incoming .eml attachments. | Reported messages will arrive to the specified recipient as an attached .EML. |
Set the From: header in the notification email to match the contact email address specified on the report page (default is an Inky address). This option will cause Inky to "spoof" mail from your reporting team member and should only be used if the notifications are going into a system that expects this. Otherwise, the mail may get blocked due to suspicion of phishing. | The sending address for reported messages can be modified to any email address. By default, reports originate from: robot@verify.inky.com. |