Incoming Rules
Incoming Rules are a set of conditions based on which administrators can decide which emails get to reach a user's mailbox. The rules can be associated with a specific user, a set of users or for the entire organization. Once a rule is enabled, emails get validated against the conditions specified in the rule before getting delivered to the intended recipient's mailbox.
Note:
- It is mandatory to enable Organization Rules from the Spam Processing section in the Admin Console.
- The Incoming Rules feature will be rolled out in a phased manner and be available only for organizations that use one of our paid plans.
- If you want the option enabled for your organization, please reach out to us at support@zohomail.com.
Create Incoming Rule
Follow these steps to create an Incoming Rule:
- Log in to Zoho Mail Admin Console and select Security & Compliance on the left pane.
- Navigate to Rules and select Incoming Rules.
- Click the Create now button to add the first rule.
- Provide a rule name and a description for the rule.
- If required, set an Expiry Date.
- Select either of the Condition Type from the below options:
- Apply for matching conditions - When chosen, all the emails will be checked for the conditions mentioned.
- No Condition - When chosen, all the emails you receive will go through the preferred action.
- Select one or more Conditions, the Operating parameter and the corresponding Action.
- Choose the users to whom you want to apply the rule from the Apply To drop-down:
- All users - The rule will be applied to all the users in your organization.
- All users except selected users - The rule will be applied to all the users except the ones added to the list.
- Selected Users - The rule will be applied to the specific set of users you add.
- Skip to this step if you chose All users.
- Click the Select users button to include or exclude users.
- Select the users you want to add to the list and click Submit. You can also remove a user from the list by clicking the Delete icon next to the user.
- Select Reset to default button when you have to clear all the selected conditions and provide a different criteria.
- Review your rule and do one of the following:
- Create and enable rule - Your rule will not only be created but also be enabled automatically to start processing emails with respect to its conditions and actions.
- Create rule - Your rule will only be created and not enabled. That means if you want the rule to be applied to the emails you receive, you will have to manually activate it.
- Hover over a rule in the list to rearrange it using the drag and drop icon. Rearranging them automatically changes the rule processing priority based on the order they are currently listed.
Note:
The maximum number of Incoming Rules that can be configured for an organization is 500.
Available Conditions
Zoho Mail provides multiple conditions based on which you can filter incoming emails. There can be more than one condition for a single rule depending on your organization's requirement. The various conditions are listed in the tables that follow:
Sender / From
| Parameter | Description | Value |
| Is external sender | Checks if the sender is not part of the organization | Select Yes or No from the drop-down. |
| Is authenticated sender | Validates whether the sender's identity is authenticated | Select Yes or No from the drop-down. |
| New sender | Checks if the email is received for the first time from the sender | Select Yes or No from the drop-down. |
| Reply-to email address | The reply-to address of an incoming email | Click Add email addresses, enter the desired email address and click Add. |
| Return path domain | The reverse-path/ bounce address's domain | Click Add domains, enter one or more domain names and click Add. |
| Return path email address | The reverse-path/ bounce address of an incoming email | Click Add email addresses, enter the desired email address and click Add. |
| Sender display name | The display name of the sender | Click Add values, enter the user's display name and click Add. |
| Sender DNS | The DNS address of the sender | Click Add values, provide the sender DNS and click Add. |
| Sender domain | The domain address of the email sender | Click Add domains, enter the sender domain name and click Add. |
| Sender email address | The 'from' address of the email sender | Click Add email addresses, enter the desired email address and click Add. |
| Sender IP address | The IP address of the email sender | Enter the sender's IP address that you wish to validate. |
Recipient / To / Cc
| Parameter | Description | Value |
| Recipient count | Validates the number of recipients in the email | Provide a value between 1 to 100. |
| Recipient domain | Validates the domain address of the recipient | Click Add domains, enter one or more domain names and click Add. |
| Recipient's email policy | The email policy associated with the recipients | Select the email policy from the drop-down. |
| Recipient's group | The groups that the user is part of | Select the preferred group from the drop-down. |
| To/CC email address | The email address in the To/CC field | Click Add email addresses, enter the desired email address and click Add. |
Email Header
| Parameter | Description | Value |
| MIME Message ID* | The ID that can be gathered from a MIME email's header | Click Add values, enter the desired MIME value and click Add. |
| MIME size (in MB) | The size of the non-text attachment specified in MB | Enter a value between 1 to 40. |
| Subject | The subject of the email | Click Add values, enter the desired subject and click Add. |
| X-Mailer* | The desktop client from which the email was sent | Click Add values, enter the X-Mailer you wish to validate and click Add. |
| Header | The email header that needs to be verified for the provided values | Enter the Header Name and Header Value. |
Note:
- MIME message* - Multipurpose Internet Mail Extensions supports non-text email attachments. A MIME header is added to the original email header from where you can gather the unique content ID/message ID used to identify the message.
- X-Mailer* - Specifies which desktop client (For example, Apple client, Thunderbird, etc) was used to draft or send the email. Can be found in the email header.
Email Content
| Parameter | Description | Value |
| Content | The content of the email | Click Add values, enter the content to be validated and click Add. |
| Email language | The language in which the email was composed | Click Select languages, add the desired languages and click Add. |
| Originating country | The country from which the email was sent | Click Select countries, add the desired countries and click Add. |
| URL domain in content | The domain names of the URLs available in email content | Click Add domains, enter one or more domain names and click Add. |
| URL in content | The existence of specified URLs in the email content | Click Add values, provide the URL content to be validated and click Add. |
Attachment
| Parameter | Description | Value |
| Attachments | To check the malware content in the email attachment. | Select any one of the values given below:
|
| Has attachment | Checks if any file is attached | Select Yes or No from the drop-down. |
| Attachment size (in MB) | The size of the attached file in MB | Enter a value between 1 to 40. |
| Attachment type | The type of attached file | Click Select attachments, add the attachment types and click Add. You can also enable the Show add & import options toggle button ON to add any custom attachment type or import from CSV file. |
Domain Validations
| Parameter | Description | Value |
| SPF verification | The result of SPF verification | Select the desired authentication result from the available list:
|
| DKIM verification | The result of DKIM verification | Select the desired authentication result from the available list:
|
| DMARC verification | The result of DMARC verification | Select the desired authentication result from the available list:
|
Spam Validations
| Parameter | Description | Value |
| Has embed tags | The existence of embed tags in the email content | Select Yes or No from the drop-down. |
| Has form tags | The existence of form tags in the email content | Select Yes or No from the drop-down. |
| Has frame tags | The existence of iframe tags in the email content | Select Yes or No from the drop-down. |
| Has JavaScript content | The existence of javascript content in the email content | Select Yes or No from the drop-down. |
| Has macros | The existence of macros in the email content | Select Yes or No from the drop-down. |
| Has object tags | The existence of object tags in the email content | Select Yes or No from the drop-down. |
| Has shortened URL | The existence of shortened URLs in the email content | Select Yes or No from the drop-down. |
| Has suspicious macros | The existence of suspicious macros in the email content | Select Yes or No from the drop-down. |
| Has web bugs | The existence of web bugs in incoming email content | Select Yes or No from the drop-down. |
| Is potential spam | The existence of potential spam in the email content | Select Yes or No from the drop-down. |
| Is high confidence spam | The existence of high confidence spam in the email content | Select Yes or No from the drop-down. |
| Is phishing email | The existence of phishing content in the email received | Select Yes or No from the drop-down. |
| Is bulk email | Validates if the email received is a bulk email | Select Yes or No from the drop-down. |
| Contains mismatching URL | Verify if the URL in the email content is mismatched | Select Yes or No from the drop-down. |
Once you select the desired conditions, proceed to this step to complete setting up the rule.
Operating Parameters
| Operators | Description |
| is | The respective parameter in the incoming email should exactly match the given criteria value. |
| is not | The respective parameter in the incoming email should not match the given criteria value. |
| contains | The respective parameter in the incoming email doesn't have to be an exact match but will pass even if it contains the given criteria value. |
| does not contain | The respective parameter in the incoming email doesn't have to be an exact match but will pass if it does not contain the given criteria value. |
| begins with | The respective parameter in the incoming email should begin with the given criteria value. |
| ends with | The respective parameter in the incoming email should end with the given criteria value. |
| is empty | The respective parameter in the incoming email should be empty. |
| is not empty | The respective parameter in the incoming email should not be empty. |
| matches | The respective parameter in the incoming email should match the regular expression pattern. |
| does not match | The respective parameter in the incoming email should not match the regular expression pattern. |
| yes | The given condition should be true. |
| no | The given condition should be false. |
| is greater than | The respective parameter in the incoming email should only be greater than the given criteria value. |
| is lesser than | The respective parameter in the incoming email should only be lesser than the given criteria value. |
| is greater than or equal to | The respective parameter in the incoming email can be greater than or equal to the given criteria value. |
| is lesser than or equal to | The respective parameter in the incoming email can be lesser than or equal to the given criteria value. |
After selecting the Conditions and the Operating parameters, provide the values with respect to the chosen conditions that need to be verified against. Once done, proceed to select the Actions that needs to be performed for the emails with the chosen conditions.
Available Actions
The emails that match the specified conditions will be processed as per the actions defined in the rule. Select the necessary action and, if required, provide a value as given in the table that follows:
Spam marking
| Action | Description | Value |
| Move to spam | All the emails that satisfy the given condition/s will be moved to the spam folder of the recipient's inbox. | N/A |
| Provide spam score | Set spam score for the emails received. | Click Add score. Select either Low, Medium, or High from the drop-down and click Add. |
| Move to spam & Add custom header | Emails will be moved to spam folder along with the custom header value | Click Add header details, provide the header name and value and click Add. |
| Move to spam & Append text to subject | Emails will be moved to spam folder along with a text appended to the subject | Click Add subject, enter the text which you want to be appended to the subject and click Add. |
| Move to spam & Show warning message | Emails will be moved to spam folder along with a warning message | Click Add warning message, enter the warning text and click Add. |
Not Spam marking
| Action | Description | Value |
| Allow email to Mailbox | No action will be taken for the emails that satisfy the given condition/s. | N/A |
Email rejection
| Action | Description | Value |
| Permanent Reject | All the emails that satisfy the given condition/s will not be accepted by our servers and will be rejected permanently removing the chances of delivery retries | N/A |
| Reject without sending bounce email | Email gets rejected, but no bounce email will be sent to the sender | N/A |
Quarantine
| Action | Description | Value |
| Move to quarantine | Moves the email to Quarantine | N/A |
| Move to malware quarantine | Moves the email to malware Quarantine | N/A |
Email modifiers
| Action | Description | Value |
| Add custom header | Adds a custom value in the header | Click Add header details, provide the header name and value and click Add. |
| Append text to subject | Appends a text in the subject | Click Add subject, enter the text which you want to be appended to the subject and click Add. |
Email forwarding
| Action | Description | Value |
| Add BCC and deliver to recipient | Adds the BCC email address and delivers the email | Click Add BCC addresses, select the desired users to whom you wish to send a copy and click Add. |
| Forward the email | Forwards a copy of the email to the specified email address | Click Add forward addresses, select the desired users to whom you wish to forward the email and click Add. |
| Reroute the email | Reroutes the email to the email address provided. | Click Add routing addresses. Enter the email address you want the email received to be rerouted for and click Add. |
Rule Processing and Priority
Rules are processed based on the following levels:
- Reception Level are set to filter all the emails at the authentication level, thereby avoiding incoming volume of traffic.
- Content Level are set to filter all the emails based on the content such as email language, or attachment type.
- Forwarding Level are based on the email forwarding options that are set as the action for the condition given.
You can add any number of Incoming Rules to process different types of incoming emails. When there are multiple filters, the sequence of processing will be based on the priority of filters. The filter with the highest priority (1) will take precedence over the filters with lower priority (2). You can drag and drop the rules created in the rules list page to change the order of their execution.
However, you cannot change the order of filter levels, i.e, any rules applied specific to Forwarding Level(Priority 3) cannot be swapped with Reception Level(Priority 1) or Content Level (Priority2). They will always be listed according to their order of levels. Once an email matches the conditions of a particular rule, the actions specified in the rule will be applied to the email. The same email will not be scrutinized against the subsequent rules in the list.
Modify Incoming Rule
You can modify the existing incoming rules based on your requirements. Follow these steps to edit a rule:
- Log in to Zoho Mail Admin Console and select Security & Compliance on the left pane.
- Navigate to Rules and select Incoming Rules.
- Select the desired rule and click Edit from the top right corner.
- Make the desired changes and click Update.
Additionally, you can search and edit the incoming rules based on the associated users. Navigate to the search bar and select the applicable to or not applicable to parameters from the listing as per your requirements. Choose a specific user from the list and press enter. All the incoming rules associated with or not associated with that particular user will be displayed. You can then select the rules from the list and make the required changes.
User-specific incoming rules can be viewed by selecting Users on the left pane of Admin Console. Under Anti-Spam Settings, select Incoming Rules to view the list of incoming rules applicable for that user.
Enable or Disable a Rule
To enable or disable a rule, follow these instructions:
- Log in to Zoho Mail Admin Console and select Security & Compliance on the left pane.
- Navigate to Rules and select Incoming Rules.
- Toggle the status button to ON or OFF in order to enable or disable a rule.
Remove Rules
There can be situations where you no longer require a rule or a rule might have expired. In such scenarios, you can remove them using the delete option. Follow these steps to delete a rule:
- Log in to Zoho Mail Admin Console and select Security & Compliance on the left pane.
- Navigate to Rules and select Incoming Rules.
- To remove a rule:
- Hover over an existing or expired rule and click the delete icon.
- Alternatively, you can select the desired rules, click Delete on the top menu and choose the required option:
- Delete selected rules
- Delete all expired rules
- Delete all rules
- Click Delete in the confirmation dialog that appears.