Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=email-smart-banners

End-user message settings

When you turn on End-user message settings, a banner or a message tag is displayed at the top of inbound messages to show whether the message is trusted.

End-user message settings let you specify different colors and messages to show whether a message passed DNS checks. The checks include DKIM, SPF, and DMARC.

You can turn end-user message settings on or off. You can also turn each type of end-user message setting on or off.

End-user message settings are added to HTML format or plain text messages received from outside the organization.

If a member of your organization forwards a message to another member of your organization, the banner remains in the forwarded message.

Messages from Sophos, for example Quarantine Summary messages, don't contain banners.

Warning

If you turn on End-user message settings, and are using a Google email server, you may see DMARC failures reported for inbound messages.

This might be because Google doesn't consistently process messages from IP addresses in its Gateway IPs list. To check your email settings and find out more, see Restrict delivery to Sophos IP addresses.

Types of End-user message settings

The different types of banner are as follows:

  • Trusted: This banner is green. It shows that the sender is in the allow list and the email passed the DMARC check.

    Example green end-user message setting.

  • External: This banner is yellow. It shows that DNS checks showed one of the following:

    • The sender is in the allow list and the email passed the DMARC check, but the Trusted banner is turned off.
    • The sender isn't in the allow list and the email passed the DMARC check.
    • The sender hasn't set the DMARC record in DNS, so we can't evaluate whether the email passed or failed the DMARC check.

    Example yellow end-user message setting.

  • Untrusted: This banner is orange. It shows that the DMARC policy is set, but the email failed the DMARC check.

    Example orange end-user message setting.

You can turn each type of end-user message setting on or off. Go to Email Security > Policies, select a policy and click Settings.

You can edit the settings and the predefined text of the banners. This controls the actions users can see in each banner.

Choose from the following options:

  • Allow sender: The sender's email address is added to an allow list.
  • Block sender: The sender's email address is added to a block list.
  • Report Spam messages to Sophos: If this feature is turned on, when users block a sender they can also report the message as spam to SophosLabs. This helps us improve our spam detection.

Note

For plain text messages, the banner is in text-only form, using the same content you set, and is shown at the beginning of the email body.

End-user message settings can contain links that email recipients can click. These add the sender's address to an allow or block list.

If you've configured Allow sender and Block sender in the banners and want recipients to use allow and block lists, you must also turn on Allow / Block List in Self Service Settings.

To see the Allow sender and Block sender links in the banners, do as follows:

  1. Go to My Products > General Settings > Self Service Settings.
  2. Turn on Allow / Block List.

  3. Click Save.

    When you receive inbound messages, you should be able to see the links in the banners.

We strongly recommend that you route outbound email through Sophos Central before turning on end-user message settings. External recipients see banners in replies or forwarded emails if you don't.

You must route your outbound email through Sophos Central to use links in end-user message settings.

Note

There will be no options to include the Allow sender or Block sender links, normally available in the HTML end-user message settings, as emails are in plain text only.

Reporting spam to SophosLabs

You can also give recipients the option to report messages to SophosLabs.

This is our preferred method of reporting spam and other malicious messages to us. It helps us improve our detection methods and learn about new threats. This gives you better protection.

When you turn on Report Spam messages to Sophos, users see an option to report the message to SophosLabs after selecting Block sender.