Internal Mail Detection

Summary

Since INKY processes only external mail, a message that looks like it's from one of your domains is potentially spoofing unless we can verify that it comes from a trusted source. On the other hand, a message from one of your domains that cannot be verified is likely spoofing and should get detected as potential phishing. Use the below options to help improve INKY's handling of messages that technically arrive from an external system yet may actually be legitimate, internal messages. Also, for some customers, additional context about what type of mail is being processed is required to be able to detect spoofing accurately.

 

Setting

  1. Navigate to your INKY Dashboard

  2. Select Settings then Analysis

  3. Select “Treat all mail between domains configured for your Inky team as internal mail.“

  4. Entries here should be a comma-separated list of IP addresses or CIDR blocks identifying sources of mail.

 

 

When making any changes to the Settings page, please ensure that you scroll to the bottom and click on the Save Changes button.

 

Related Articles

The entries from “Internal Mail Detection” can also be used to remove banners from senders that are external. While this isn’t generally recommended it is an option available for those who want it.

https://inkyops.atlassian.net/wiki/spaces/ICSS/pages/564691005/Configure%2BINKY%2BCustomize%2BWhich%2BBanners%2Bto%2BInclude