Rules

Here you will find an overview of the available rules. These managed rules cover specific use cases, which are documented by name and description. These rules become active if the respective email is within the configured scope. If none of the managed rules are applied, the email is processed based on the standard set of rules.

Configuring the scope of a rule

Properties of the rules

Configuring the scope of a rule

  1. Go to Configuration > Rules.
  2. Double-click the rule you want to edit or select it and click Edit.
  3. Click Add.
  4. Restrict the scope of the rule for sender (MAIL FROM) and recipient as desired.
  5. Click Save.

EXAMPLE:  If you enter *user@example.com, this pattern corresponds to all email addresses ending in user@example.com. If you enter *@example.com all addresses from the domain example.com match. If you enter *.example.com, all subdomains of example.com will match.

NOTE: In order to use groups, you must first add them to a user import. See Automatic user import via Azure Active Directory.

Properties of the rules

NOTE: The malware scanner will be applied to all inbound and outbound emails.

NOTE: Unlike our standard rules, the predefined rules in which you can set entries are filtered to the Corporate domain. This means that we also accept emails for users who may not be known as corporate users.

Inbound

Internal communication

  • The malware check and the inbound disclaimer are applied.

Malware scanning and content filtering/Malware-Prüfung und Inhaltsfilterung

  • Malware scanning and content filtering are applied.

Malware scanning, no content filtering/Malware-Prüfung, keine Inhaltsfilterung

  • Only malware scanning is applied.

WARNING: This rule should only be used if absolutely necessary.

All other inbound emails

  • This rule provides the highest possible protection against malware and spam.

Soft check/Milde Prüfung

  • A simplified filter check is used.
  • Elaborately designed spam emails could be accepted.
  • Under certain circumstances, this rule is sufficient for allowlisting.

Medium check/Mittlere Prüfung

  • The rule corresponds to a demanding filter test.
  • Targeted spam emails could be accepted.

Block list/Blockliste

  • This rule immediately rejects inbound emails.

Decryption allowlist/Ausnahme für Entschlüsselung

  • This rule corresponds to the rule Standard-Inbound/Default Inbound, but allows encrypted emails to pass that NoSpamProxy cannot decrypt.

Outbound

NOTE: For outbound connections, NoSpamProxy Cloud always attempts to establish a TLS connection.

All outbound emails

  • Outgoing emails are signed and/or encrypted where possible.

Plain text

  • Outbound emails are never encrypted and are not signed.

Forced encryption

  • Outbound emails are never encrypted and are not signed. If no key material can be found, NoSpamProxy Cloud applies PDF Mail (i.e. PDF encryption).

Encryption allowlist/Ausnahme für Verschlüsselung

This rule corresponds to the rule Standard-Outbound/Default Outbound, but allows already encrypted emails to pass.

Signing only/Ausschließlich signieren

This rule signs emails but does not encrypt them. TLS is still used.

No 32Guards/Kein 32Guards

This rule does not perform a check with 32Guards. It is only suitable for cases where there is a false positive from 32Guards. See Reporting false negatives and false positives.

NOTE: Under no circumstances should you use this rule permanently.

No 32Guards, plain text email/Kein 32Guards, Klartext-E-Mail

This rule does not check with 32Guards and does not encrypt or sign. It is only suitable for cases where there is a false positive from 32Guards. See Reporting false negatives and false positives.

NOTE: Under no circumstances should you use this rule permanently.