My email is blocked in quarantine, why?

The Protect antispam filter is applied by default to all emails, including those from allowed senders.
This ensures a high level of security, even when the sender has been explicitly approved.

If you prefer certain filters not to apply to allowed senders, you can individually disable these options in the Protect Settings.
Each filtering rule can be adjusted independently according to your needs.

Log in to your Mailinblack space and go to your Protect area.

If an email has not been received, click on the Trace an email icon to find out the reason:

The email is blocked because the authentication request has not yet been fulfilled by the sender.

The sender appears in the list of banned addresses.
In this case, all emails coming from this sender are automatically blocked.
By viewing the message details (email trace), you can see the corresponding ban rule and decide whether you want to modify or delete it.

Protect uses a proprietary artificial intelligence engine capable of anticipating the moderation of pending emails.
When this predictive analysis detects an email that would have been banned, the message is automatically blocked and placed in the Banned category, even if the sender is not explicitly banned.

You can adjust or disable this predictive banning option in Protect Settings if you wish to change its behavior.

Mailinblack's antivirus has detected suspicious content, potentially infected.

Mailinblack's anti-spam processing can classify it as spam for various reasons:

- Blacklisted RBLs: lists that reference IP addresses emitting spam**.**

- Internal SPF (it is probably a spoofing attempt): the email is sent from a domain known by the platform, but coming from outside and whose origin cannot be verified. Indeed the sending IP is not authorized to send emails in the SPF field of the sending domain name. This is considered spoofing.

- External SPF control (SPF have indicated FAIL): if an email is sent via an IP other than those declared in the SPF field, it will be considered illegitimate or as a spoofing email.

For more information on SPF, go to: “My emails are categorized as spam because of SPF, why?”

Two checks are used to detect this type of email:

- A first check is done during SPF checks on customer protected domains if the SPF returns a fail for an address from a customer's internal domain then the email will be categorized as Spearphishing.

- A second check involves analyzing various information about the sender such as their name and envelope and header addresses in order to detect attempts to deceive the recipient and therefore a potential danger.

For more information on Spearphishing, go to: "How does Mailinblack fight Spearphishing?"

This feature allows for more precise threat classification, thus reducing the risk that spam will slip through the net. If our AI detects an email as spam, it will classify it accordingly.

You can choose whether or not to apply this filtering to your authorized senders via the "Apply the AI filter on emails from authorized senders" setting.

​