Allow and Block Listing

Allow and Block list within INKY work off of three core principles: the criteria, the result type, and authentication.

Criteria

The criteria section is where an admin chooses what should match the allow or block list. These values can be the following:

  • Email Address

  • Domain

On the Block List you can also add:

  • IP Addresses

Result Types

Result types are the INKY specific categories that mails are identified with such as Spam Content, Brand Impersonations, and many others.

When adding Allow List entries directly from https://app.inkyphishfence.com/settings/allow-list admins can allow for the following categories:

  • Spam Content

  • Phishing Content

  • Sensitive Content

  • First-Time Sender

  • Blocked Sender Location

  • QR Code

  • Graymail

  • Do not warn about Any Threats

On the Block List https://app.inkyphishfence.com/settings/block-list you can add the following directly:

  • Spam Content

  • Phishing Content

  • Blocked Sender

  • Graymail

You can also add Allow and Block entries directly from a Message Detail view. Adding entries from here gives you all of the options associated with the specific message currently viewed. For example, the below image shows that you can add Allow Entries for Brand Impersonation, First-Time Sender, Spam Content, or Any Threats. The Brand Impersonation option has additional choices related to the brand identified.

image-20240319-124233.png

Authentication

Allow and Block list have additional authentication options, which can be the safer and more targeted option when adding entries to the appropriate list.

After selecting an action on the message detail view, you’re prompted with the below message. This message pre-checks the “Apply only to messages that pass DMARC authentication (safer option)”. When this option is checked only messages that pass DMARC (SPF or DKIM passes for the FROM header) will match this allow list entry. This ensures that any message not passing DMARC will not match the Allow Entry.

image-20240319-124535.png

You’re also able to bulk add allow list entries from https://app.inkyphishfence.com/settings/allow-list, which provide the same “Apply only to messages that pass DMARC authentication (safe option)” choice when submitting new entries. You’ll also notice an option to “Also match subdomains for any domain-only entries.” This ensures that any entries you add that are domain only, such as securitytides.com would also match as *.securitytides.com.