Smart banners

When you turn on Smart banners, a banner is displayed at the top of inbound email messages to show if the email is trusted.

Note Smart banners are only inserted when emails are received from outside the organization. If an internal employee forwards such an email to another internal employee, the banner remains in the forwarded email.

Email recipients can add senders to their allow and block lists from within the email if you have enabled this option in Sophos Central Self Service.

To do this, go to Self Service Settings and turn the Allow / Block List option on.

If a sender is already allowed, no allow or block links are displayed in the banner.

Emails from Sophos, for example Quarantine Summary emails, will not display banners.

Smart banners are also used by the Impersonation Protection feature. If you turn Smart banners off, Impersonation Protection still works but can't add banners to emails.

Warning We strongly recommend that you route outbound email through Sophos Central before you turn on smart banners. If you don’t, external recipients see the banner in replies or forwarded email and can modify end-user allow and block lists.

You can turn on and off the following banner types:

  • Trusted: The email was sent from an allowed sender and passed DNS authentication (SPF, DKIM, or DMARC).
  • Unknown: The email was sent from outside your organization.
  • Untrusted: The email was sent from outside your organization and failed DNS authentication (SPF, DKIM, or DMARC).