Incoming Rules

Incoming Rules are a set of conditions based on which administrators can decide which emails get to reach a user's mailbox. The rules can be associated with a specific user, a set of users or for the entire organization. Once a rule is enabled, emails get validated against the conditions specified in the rule before getting delivered to the intended recipient's mailbox.

Note:

  • It is mandatory to enable Organization Rules from the Spam Processing section in the Admin Console.
  • The Incoming Rules feature will be rolled out in a phased manner and be available only for organizations that use one of our paid plans.
  • If you want the option enabled for your organization, please reach out to us at support@zohomail.com.

Table of Contents

Create Incoming Rule

Follow these steps to create an Incoming Rule:

  1. Log in to Zoho Mail Admin Console and select Security & Compliance on the left pane.
  2. Navigate to Rules and select Incoming Rules.
  3. Click the Create now button to add the first rule or click +Create button to add a new incoming rule.
    create-rule
  4. Provide a rule name and a description for the rule. If the entered rule name is already in use, "Name already exists" warning is shown.
  5. If required, set an Expiry Date by selecting the Set expiry date checkbox.
  6. Select either of the Condition Type from the below options:
    • Apply for matching conditions - When chosen, all the emails will be checked for the conditions mentioned.
    • No Conditions. Apply to all emails. - When chosen, all the emails you receive will go through the preferred action.
  7. Select one or more Conditions, the Operating parameter and the corresponding Action.
  8. Click +Add values under Conditions to enter multiple values separated by a delimiter which you can choose from Choose delimiter drop-down. Select Custom from the drop-down, to add your own custom delimiter for the values and select Update.
  9. Choose the users whom you want to select or exclude from the rule under the Apply To section:
    • All users - The rule will be applied to all the users in your organization.
    • Selected Users - The rule will be applied to the specific set of users you add.
    • Selected Groups/Shared Mailbox - The rule will be applied only to the users who are members of the specified groups/Shared Mailbox.
    • Excluded Users - The rule will not be applied to the selected list of users.
    • Excluded Groups/Shared Mailbox - The rule will not be applied to the users who are members of the selected groups/Shared Mailbox.
  10. Skip to this step if you chose All users.
  11. Select the users you want to add to the list and click Submit. You can also remove a user from the list by clicking the Delete icon next to the user.
  12. Select the Reset to default button when you have to clear all the selected conditions and provide a different criteria.

  13. Review your rule and do one of the following:

    • Create and enable rule - Your rule will not only be created but also be enabled automatically to start processing emails with respect to its conditions and actions.
    • Create rule - Your rule will only be created and not enabled. That means if you want the rule to be applied to the emails you receive, you will have to manually activate it.

    enable-rule

  14. Click Yes in the Confirm Action! dialog box.

  15. Select either Done or Go to created rule or Add more rules depending on your requirement once the rule is created successfully.

    Note:
    The new rule created will be highlighted in the list of rules section under Incoming Rules page.
    Highlighted new rule
  16. Hover over a rule in the list to rearrange it using the drag and drop icon. You can only drag and drop rules created within the same rule type indicated by your theme colored bar towards the left pane.
    . Drag-drop rules
  17. Alternatively, you can select the rule to be rearranged, and click the Reorder button on the top pane. Now select Move up or Move down from the list.
    Reorder rules
  18. Rearranging them automatically changes the rule processing priority based on the order they are currently listed. 

Note:
The maximum number of Incoming Rules that can be configured for an organization is 500.
 

Available Conditions

Zoho Mail provides multiple conditions based on which you can filter incoming emails. There can be more than one condition for a single rule depending on your organization's requirement. The various conditions are listed in the tables that follow:

 

Sender / From 
ParameterDescriptionValue
Is external senderChecks if the sender is not part of the organizationSelect Yes or No from the drop-down.
Is authenticated senderValidates whether the sender's identity is authenticatedSelect Yes or No from the drop-down.
New senderChecks if the email is received for the first time from the senderSelect Yes or No from the drop-down.
Reply-to email addressThe reply-to address of an incoming emailClick Add email addresses, enter the desired email address and click Add.
Return path domainThe reverse-path/ bounce address's domainClick Add domains, enter one or more domain names and click Add.
Return path email addressThe reverse-path/ bounce address of an incoming emailClick Add email addresses, enter the desired email address and click Add.
Sender display nameThe display name of the senderClick Add values, enter the user's display name and click Add.
Sender DNSThe DNS address of the senderClick Add values, provide the sender DNS and click Add.
Sender domainThe domain address of the email senderClick Add domains, enter the sender domain name and click Add.
Sender email addressThe 'from' address of the email senderClick Add email addresses, enter the desired email address and click Add.
Sender IP addressThe IP address of the email senderEnter the sender's IP address that you wish to validate.

 

Recipient / To / Cc
ParameterDescriptionValue
Recipient countValidates the number of recipients in the emailProvide a value between 1 to 100.
Recipient domainValidates the domain address of the recipientClick Add domains, enter one or more domain names and click Add.
To/CC email addressThe email address in the To/CC fieldClick Add email addresses, enter the desired email address and click Add.

 

Email Header
ParameterDescriptionValue
MIME Message ID*The ID that can be gathered from a MIME email's headerClick Add values, enter the desired MIME value and click Add.
MIME size (in MB)The size of the non-text attachment specified in MBEnter a value between 1 to 40.
SubjectThe subject of the emailClick Add values, enter the desired subject and click Add.
X-Mailer*The desktop client from which the email was sentClick Add values, enter the X-Mailer you wish to validate and click Add.
HeaderThe email header that needs to be verified for the provided valuesEnter the Header Name and Header Value.

Note:

  • MIME message* - Multipurpose Internet Mail Extensions supports non-text email attachments. A MIME header is added to the original email header from where you can gather the unique content ID/message ID used to identify the message.
  • X-Mailer* - Specifies which desktop client (For example, Apple client, Thunderbird, etc) was used to draft or send the email. Can be found in the email header.

 

Email Content
ParameterDescriptionValue
ContentThe content of the emailClick Add values, enter the content to be validated and click Add.
Email languageThe language in which the email was composedClick Select languages, add the desired languages and click Add.
Originating countryThe country from which the email was sentClick Select countries, add the desired countries and click Add.
URL domain in contentThe domain names of the URLs available in email contentClick Add domains, enter one or more domain names and click Add.
URL in contentThe existence of specified URLs in the email contentClick Add values, provide the URL content to be validated and click Add.

 

Attachment
ParameterDescriptionValue
AttachmentsTo check the malware content in the email attachment.

Select any one of the values given below:

  • Known malware
  • Encrypted attachment
  • Unknown malware
Has attachmentChecks if any file is attachedSelect Yes or No from the drop-down.
Attachment size (in MB)The size of the attached file in MBEnter a value between 1 to 40.
Attachment typeThe type of attached fileClick Select attachments, add the attachment types and click Add.
You can also enable the Show add & import options toggle button ON   to add any custom attachment type or import from CSV file. 

 

Domain Validations
ParameterDescriptionValue
SPF verificationThe result of SPF verification

Select the desired authentication result from the available list:

  • Pass
  • Soft fail
  • Neutral
  • Fail
  • None
DKIM verificationThe result of DKIM verification

Select the desired authentication result from the available list:

  • Pass
  • Neutral
  • Fail
DMARC verificationThe result of DMARC verification

Select the desired authentication result from the available list:

  • Pass
  • Fail

 

Spam Validations
ParameterDescriptionValue
Has web bugsThe existence of web bugs in incoming email contentSelect Yes or No from the drop-down.
Has JavaScript contentThe existence of javascript content in the email contentSelect Yes or No from the drop-down.
Has macrosThe existence of macros in the email contentSelect Yes or No from the drop-down.
Is bulk emailValidates if the email received is a bulk emailSelect Yes or No from the drop-down.
Has frame tagsThe existence of iframe tags in the email contentSelect Yes or No from the drop-down.
Has object tagsThe existence of object tags in the email contentSelect Yes or No from the drop-down.
Has embed tagsThe existence of embed tags in the email contentSelect Yes or No from the drop-down.
Has form tagsThe existence of form tags in the email contentSelect Yes or No from the drop-down.
Has shortened URLThe existence of shortened URLs in the email contentSelect Yes or No from the drop-down.
Has suspicious macrosThe existence of suspicious macros in the email contentSelect Yes or No from the drop-down.

Once you select the desired conditions, proceed to this step to complete setting up the rule.

 

Operating Parameters
OperatorsDescription
isThe respective parameter in the incoming email should exactly match the given criteria value.
is notThe respective parameter in the incoming email should not match the given criteria value.
containsThe respective parameter in the incoming email doesn't have to be an exact match but will pass even if it contains the given criteria value.
does not containThe respective parameter in the incoming email doesn't have to be an exact match but will pass if it does not contain the given criteria value.
begins withThe respective parameter in the incoming email should begin with the given criteria value.
ends withThe respective parameter in the incoming email should end with the given criteria value.
is emptyThe respective parameter in the incoming email should be empty.
is not emptyThe respective parameter in the incoming email should not be empty.
matchesThe respective parameter in the incoming email should match the regular expression pattern.
does not matchThe respective parameter in the incoming email should not match the regular expression pattern.

After selecting the Conditions and the Operating parameters, provide the values with respect to the chosen conditions that need to be verified against. Once done, proceed to select the Actions that needs to be performed for the emails with the chosen conditions by selecting the +icon. This will list the corresponding actions pertaining to the primary one selected.
  

Multiple actions

 

The emails that match the specified conditions will be processed as per the actions defined in the rule. Select the necessary action and, if required, provide a value as given in the table that follows:

Available Actions

Spam marking
ActionDescriptionValue
Move to spamAll the emails that satisfy the given condition/s will be moved to the spam folder of the recipient's inbox.N/A

 

Not Spam marking
ActionDescriptionValue
Allow email to Mailbox No action will be taken for the emails that satisfy the given condition/s.N/A

 

Email rejection
ActionDescriptionValue
Permanent RejectAll the emails that satisfy the given condition/s will not be accepted by our servers and will be rejected permanently removing the chances of delivery retriesClick Add message (optional), enter the custom error message you want to include and click Add.
Reject without sending bounce emailEmail gets rejected, but no bounce email will be sent to the senderN/A

 

Quarantine
ActionDescriptionValue
Move to quarantineMoves the email to QuarantineN/A

 

Email modifiers
ActionDescriptionValue
Show warning messageShows the configured warning message in the email previewClick + Add warning message, enter the warning message you wish to add and select Add.
Append custom X-HeaderAdds a custom value in the headerClick + Add header details, provide the header name and value and click Add.
Append text to subjectAppends a text in the subjectClick + Append text, enter the text which you want to be appended to the subject and click Add.

Note:

You can select the subsequent action after adding the Email modifiers as Move to spam under Spam marking.

Email forwarding
ActionDescriptionValue
Add BCC and deliver to recipientAdds the BCC email address and delivers the emailClick Add BCC addresses, select the desired users to whom you wish to send a copy and click Add.
Forward the emailForwards a copy of the email to the specified email addressClick Add forward addresses, select the desired users to whom you wish to forward the email and click Add.

Filter

Once the rules are created, they are listed under Incoming Rules home page. You can view and filter the rules based on their status/action. Follow the below steps to perform the filter operation:

  1. Select Filter button on the Incoming Rules home page.
  2. Click the desired status/action from the drop-down. The types of rules based on the status are:
    • Active Rules - Lists all the rules where the status is marked active.
    • Inactive Rules - Lists all the rules where the status is marked inactive.

    • Expired Rules - Lists all the rules where the set expiry date of the specific rule has been lapsed. However, you can modify the expiry date of a rule by hovering over the status and selecting a different date.

      Note: The expired rules are also included in the filtered list when Inactive Rules is selected from the Filter drop-down.
  3. Select Action from the Filter drop-down to filter rules based on the available actions.

Rule Processing and Priority

Incoming Rules allow administrators to automatically handle incoming emails based on specific rules and conditions. When multiple rules are created, the order in which they are evaluated becomes crucial to ensure that each email is processed correctly. Zoho Mail uses two types of priority to determine how rules are applied:

Filter level priority

Every incoming rule belongs to one of the three predefined filter levels. These levels determine the sequence in which rules are executed. The order of these levels is fixed and cannot be modified:

  1. Reception Level are set to filter all the emails at the authentication level, thereby avoiding incoming volume of traffic.
  2. Content Level  are set to filter all the emails based on the content such as email language, or attachment type.
  3. Forwarding Level are based on the email forwarding options that are set as the action for the condition given.

You can add any number of Incoming Rules to process different types of incoming emails. But the filter with the highest level/priority (1) will take precedence over the filters with lower level/priority (2). While the overall level order is fixed, i.e, any rules applied specific to Forwarding Level (Priority 3) cannot be swapped with Reception Level (Priority 1) or Content Level (Priority2), you can reorder the multiple rules created under the same filter level by dragging them within the rule list. This allows you to fine-tune the processing sequence for rules serving similar purposes.

Once an email matches the conditions of a particular rule, the actions specified in the rule will be applied to the email. The same email will not be scrutinized against the subsequent rules in the list.

Apply To priority

When you create an incoming rule, you can choose who the rule applies to or excludes using the Apply To section. Each selection type has its own priority, and the rule is evaluated based on these priorities:

  • All Users
    • Selected users (priority 2)
    • Selected groups/Shared Mailbox (priority 4)
  • Exclude users or groups
    • Exclude users (priority 1)
    • Exclude groups/Shared Mailbox (priority 3)

When a rule is evaluated, the system checks the selected and excluded entities in the order of their priority. This ensures that higher-priority exclusions or inclusions override lower-priority selections.

Below are detailed examples to illustrate this:

Case 1:  If a user is added under Exclude users, the rule will not be applied to that user, even if the group they belong to is included under Selected groups/Shared Mailbox. This happens because Exclude users has the highest priority and is processed first.

Case 2: If a user’s group is added under Exclude groups/Shared Mailbox, but the individual user is added under Selected users, the rule will apply to that user. This is because Selected users has a higher priority than Exclude groups/Shared Mailbox

Case 3: When a user is added under Exclude users, and no other selections are made under the All Users category, the rule will still be applicable to all users by default, except for the users listed under Exclude users. This happens because All Users is considered the default scope for every rule.

Modify Incoming Rule

You can modify the existing incoming rules based on your requirements. Follow these steps to edit a rule:

  1. Log in to Zoho Mail Admin Console and select Security & Compliance on the left pane.
  2. Navigate to Rules and select Incoming Rules.
  3. Select the desired rule and click Edit from the top right corner.
  4. Make the desired changes and click Update.

Additionally, you can search and edit the incoming rules based on the rule name, or associated users. Navigate to the search bar on the top right corner and select the contains or applicable to parameters from the listing as per your requirements. Type in a rule name, or select a specific user from the list and press enter. All the incoming rules satisfying the search will be displayed. You can then select the rules from the list and make the required changes.
Search rules

User-specific incoming rules can be viewed by selecting Users on the left pane of Admin Console. Under Anti-Spam Settings, select Incoming Rules to view the list of incoming rules applicable for that user.

user-rule

Enable or Disable a Rule

To enable or disable a rule, follow these instructions:

  1. Log in to Zoho Mail Admin Console and select Security & Compliance on the left pane.
  2. Navigate to Rules and select Incoming Rules.
  3. Toggle the status button to   ON or   OFF in order to enable or disable a rule.
    Toggle-ON-OFF

Remove Rules

There can be situations where you no longer require a rule or a rule might have expired. In such scenarios, you can remove them using the delete option. Follow these steps to delete a rule:

  1. Log in to Zoho Mail Admin Console and select Security & Compliance on the left pane.
  2. Navigate to Rules and select Incoming Rules.
  3. To remove a rule:
    1. Hover over an existing or expired rule and click the   delete icon.
      Hover-delete
    2. Alternatively, you can select the desired rules, click Delete on the top menu and choose the required option from the drop-down:
      • Delete selected rules
      • Delete all expired rules
      • Delete all rules
        Delete-selected-rule

        Note:
        When a filter is applied, the Delete drop-down includes additional value of Delete filtered rules for quick deletion of rules that satisfies a specific filter.
    3. Click Delete in the confirmation dialog that appears.

Still can't find what you're looking for?

Write to us: support@zohomail.com