Smart banners

When you turn on Smart banners, a banner is displayed at the top of inbound email messages to show if the email is trusted.

Note Smart banners are only inserted when emails are received from outside the organization. If an internal employee forwards such an email to another internal employee, the banner remains in the forwarded email.

Email recipients can add senders to their allow and block lists from within the email if you have enabled this option in Sophos Central Self Service Portal.

To do this, go to Self Service Settings and turn the Allow / Block List option on.

If a sender is already allowed, no allow or block links are displayed in the banner.

Emails from Sophos, for example Quarantine Summary emails, will not display banners.

Smart banners are also used by the Impersonation Protection feature. If you turn Smart banners off, Impersonation Protection still works but can't add banners to emails.

Warning We strongly recommend that you route outbound email through Sophos Central before you turn on smart banners. If you don’t, external recipients see the banner in replies or forwarded email and can modify end-user allow and block lists.

Types of smart banner

Smart banners use different colors and messages to show whether an email passed DNS checks. The checks include DKIM, SPF, and DMARC.

The different types of banner are as follows:

  • Trusted: This banner is green. It shows that the email sender is in the allowed list and passed DMARC.

    Example green smart banner
  • External: This banner is yellow. It shows that DNS checks showed one of the following:
    • The sender isn't in the allow list and one of the DNS checks successfully passed.
    • The sender is in the allow list and one of the DNS checks failed.
    • The sender is in the allow list, and the Trusted smart banner is turned off.

    Example yellow smart banner
  • Untrusted: This banner is amber. It shows that the email sender didn't match the conditions for External or Trusted.

    Example amber smart banner

You can turn each type of smart banner on or off. Go to Email Gateway > Policies, select a policy and click Settings.

You can edit the settings for the banners. This controls the actions users can see in each banner.

Choose from the following options:

  • Allow Sender: The sender's email address is added to an allow list.
  • Block Sender: The sender's email address is added to a block list.
  • Report Spam messages to Sophos: Users can report a message as spam to SophosLabs. This helps us improve our spam detection.