Overview:
The rule below forwards all user-reported emails, both simulation and non-simulation, to PhishArm.
Reported emails first go to an internal mailbox, either tagged as phishing or junk, and then get redirected to PhishArm.
The image below shows an example of the mail flow rule. Please scroll down to follow the setup steps.
The following steps will help you add the Mail flow rules:
Navigate to Mail flow > Rules, then click the + icon to create a new rule.
It’s a good idea to copy any existing rules first, just in case you need to refer back to them later.
From the + (Add new rule) drop-down menu, select Create a new rule… to get started.
In the New Rule window, enter a name for your rule in the Name field—this will help you easily identify it later.
From the Apply this rule if… drop-down menu, choose The recipient is this person…
In the Specified words or phrases pop-up, enter the email address of the internal mailbox you set up earlier.
Click the plus (+) sign on the right to add another condition.
Under the Apply this rule if… drop-down, select The subject or body, then choose subject includes any words.In the pop-up window, add the following two tags 'Phishing' and 'Junk'.
7. From the Do the following… drop-down menu, select Redirect the message to, then choose these recipients from the options.
Search for the right-hand reporting email, for example, [email protected], select it, and then click Save to add the recipient.
8. Now, click on the Next button and scroll down and check the box for "Stop processing more rules"
9. Click on Next and then the Finish button. The rule will appear in the list.
10. Click on the rule to open the settings panel.
Turn on the rule by toggling the switch, then click on Rule Settings.
Set the Priority to 0, and don’t forget to click Save to apply your changes.
11. After that, the rule will appear enabled at the top of the list.
The configuration has been successfully set up :)