Smart banners
When you receive emails, a colored smart banner at the top helps you assess if the email is safe or not. Emails from Sophos or your organization won't contain smart banners. Here's what each smart banner means:
- Green (Trusted): The sender is approved, and the email passed security checks.
- Yellow (External): The sender's legitimacy is uncertain, requiring further validation.
- Orange (Untrusted): The email didn't pass security checks.
- Red (Impersonation): Someone's impersonating another individual or entity.
What you can do
- Allow sender: If you trust the sender, you can add them to your allow list.
- Block sender: If you don't trust the sender, you can stop their emails from reaching you.
You can also report suspicious emails to Sophos. See Report spam messages to Sophos.
If you accidentally blocked a trusted sender, remove them from the block list and then add them to the allow list. See Allow a sender again.
Note
When reviewing emails with smart banners, keep these points in mind:
- If your administrator changes global settings, such as allowing blocked senders, emails that were previously blocked may be delivered or shown with a different smart banner.
- If an email doesn't have a smart banner, treat it like a potentially risky one.
Banner display
The smart banner displays differently in HTML emails and plain text emails.
-
HTML emails
The smart banner appears at the top of the email with a background color that reflects the message status.
-
Plain text emails
The smart banner shows as text at the beginning of the email body, using the content configured by your administrator.
Note
If a member of your organization replies to or forwards an inbound email to another member, the smart banner can remain visible in the message.