Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/SelfService/help/en-us/index.html?contextId=Email-Allow-Block-Report-Smart-banners

Smart banners

When you receive emails, a colored smart banner at the top helps you assess if the email is safe or not. Emails from Sophos or your organization won't contain smart banners. Here's what each smart banner means:

  • Green (Trusted): The sender is approved, and the email passed security checks.
  • Yellow (External): The sender's legitimacy is uncertain, requiring further validation.
  • Orange (Untrusted): The email didn't pass security checks.
  • Red (Impersonation): Someone's impersonating another individual or entity.

What you can do

  • Allow sender: If you trust the sender, you can add them to your allow list.
  • Block sender: If you don't trust the sender, you can stop their emails from reaching you.

You can also report suspicious emails to Sophos. See Report spam messages to Sophos.

If you accidentally blocked a trusted sender, remove them from the block list and then add them to the allow list. See Allow a sender again.

Note

  • If your administrator changes global settings, like allowing blocked senders, you might receive emails differently.
  • If an email doesn't have a smart banner, treat it like a potentially risky one.

Note

For plain text emails, the following behavior applies:

  • The smart banner shows as text at the beginning of the email body, using the same content you've set.
  • The smart banner remains visible in reply or forwarded emails.