...
Every message with an INKY banner contains a “Report This Email” link which allows your end-users to report emails as either safe, spam, or phishing. These reports are sent to INKY’s security operations team and optionally a local administrator (as discussed under Custom Reporting Email Notifications). Every report INKY receives is carefully reviewed and analyzed to determine if an update to our models is applicablenecessary. INKY encourages all users to report incorrectly bannered messages when possible, as this strengthens our detection capabilities and reduces the potential for false positives.
...
Setting | Description |
|---|---|
Save raw message data, encrypted at rest, to allow faster and more actionable response to feedback. | Enabling this option provides an unprocessed copy of your incoming mail to INKY’s SOC team. Messages are encrypted in a way that even INKY employees cannot decrypt until a user explicitly reports the message. |
Keep encrypted raw messages for: 3, 5, 7 days | The length of time INKY stores an unprocessed copy of your messages. |
Always send raw messages (if available) to Inky for analysis (i.e., do not allow end users to opt-out for specific messages) | Messages reported to INKY will always include the original, unprocessed message (if available). |
Allow end users the option to authenticate on the Report This Email page to unlock enhanced reporting capabilities. | Users signed in with Microsoft 365 or Google Workspace as the recipient of a reported message, a user can choose to have reported spam or phish automatically deleted from their mailbox. They can also choose to automatically block (i.e., send to quarantine) all future mail from unwanted senders. These Block Sender blocked sender settings apply on a per-user basis and can be viewed on the Block List blocklist by checking the "User-Specific" box. A user can review their settings on the User Dashboard. For more information about this feature, please see <INSERT HYPERLINK HERE>Allow end users the option to authenticate on the Report This Email page to unlock enhanced reporting capabilitiesthe “Per-User Allow & Block Listing” article linked below. |
If a user is authenticated, allow end users to maintain a personal allow list for a limited set of threat categories. | If a message is labeled safe, the user will be presented with allow actions for the following categories: Spam Content, Reported Spam (can be customized by request to INKY support). The actions apply on a per-user basis and can be viewed on the Allow List by checking the "User-Specific" box. A user can review their settings on the User Dashboard. |
...
Setting | Description |
|---|---|
Attach original raw message inside a .zip (application/zip) file. By default, the original mail will be attached as an RFC822-formatted .txt (text/plain) file. This is due to the fact that some mail systems automatically process/reformat incoming .eml attachments. | Reported messages will arrive to the specified recipient as an .EML inside a .ZIP file. |
Attach original raw message as a .eml (message/rfc822) file. By default, the original mail will be attached as an RFC822-formatted .txt (text/plain) file. This is due to the fact that some mail systems automatically process/reformat incoming .eml attachments. | Reported messages will arrive to the specified recipient as an attached .EML. |
Set the From: header in the notification email to match the contact email address specified on the report page (default is an Inky address). This option will cause Inky to "spoof" mail from your reporting team member and should only be used if the notifications are going into a system that expects this. Otherwise, the mail may get blocked due to suspicion of phishing. | The sending address for reported messages can be modified to any email address. By default, reports originate from: robot@verify.inky.com. |