Microsoft 365 from GoDaddy Help

Get started with Advanced Email Security

Welcome to Advanced Email Security powered by INKY! These are some of the top tasks we recommend to start customizing your new add-on.

Required: This article is for Advanced Email Security powered by INKY. You can verify that you have INKY by signing in and checking if there's a blue header that includes "Powered by INKY" displayed at the top of your dashboard. See customization options for Advanced Email Security from Proofpoint.
dashboard banner

Select a task to jump to that section:

Allow list or block list

With Advanced Email Security, all incoming email is flagged with a banner informing the recipient of its threat level. You can view all received emails in your Threat Details page, where you can filter out dangerous email or disable warnings for trusted senders. If you trust the message, add it to your Allow List to prevent similar messages from being flagged. Otherwise, add it to your Block List so similar messages always get a warning.

Note: We recommend adding the email to your allowed list instead of the domain, unless you're certain the domain can be trusted. Once the domain is added, Advanced Email Security won't know if the domain was spoofed and can't warn you about compromised email.

  1. Sign in to Advanced Email Security. Select Sign in using Microsoft account and use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
  2. Select Threat Details.
    Threat Details
  3. Use the menus to sort your results using some or all the following categories:
    • Minimum Threat Level: Filters messages with Neutral, Caution, or Danger banners.
    • Reason: Filters by a specific type of warning, such as a misleading link or suspicious URL.
    • Reported Messages: Filters by messages included or not included in user reports. Not selecting this filter displays all messages.
    • Message-ID: Filters to a specific message by its unique ID (located in the email header).
    • Recipient Email Address: Filters messages to those received by a specific email address.
    • Filter by Selected Date Range: Confirm the box is checked to filter messages received within a specific time period. In the bottom left corner, select the start and end dates to choose your date range. Uncheck the box to remove this search criteria.

    Note: Try setting the threat level to Danger and reported messages to those included with user reports. This will show you the emails that need the most amount of tuning. You can then filter to the lower threat levels as needed.

  4. Select Refresh List.
  5. You'll see a list of all messages that meet your filter criteria. Select a message, then select Allow List Actions or Block List Actions located below its banner. Emails and domains added to Allow or Block lists can’t be deleted but can be disabled.
  6. Note: Your available actions are based on the type of threat and might differ depending on the messages.

  7. Under Remediation, delete a message from the mailbox if it shouldn't be accessed by a user.
  8. Under User Reports, provide feedback of misclassified messages to INKY. Select confirm to confirm the user report is correct, or select reject to reject it.
  9. If the email was miscategorized, under Report Feedback, select Report This Email to make a policy change, like to add the sender address as a trusted sender.

Back to top

VIP spoofing protection

Add names and email addresses of executives, commonly spoofed employees, or important external contacts to your VIP List. If an incoming email appears to come from one of these people but is actually from an impersonator, Advanced Email Security will alert you that it's really a spoofed VIP.

  1. Sign in to Advanced Email Security. Select Sign in using Microsoft account and use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
  2. Select VIP List.
    VIP List
  3. In the upper-right corner, select the checkbox to Enable VIP spoofing checks.
  4. To add a VIP, select Add Person, enter the contact details, and select Add. You can add multiple email addresses by separating them with commas.
    Add Person
  5. Note: It's good practice to add all the VIP's personal and business email addresses. That way, if they send an email from any of their personal emails, it won't be flagged as spoofing.

  6. (Optional) Add multiple VIP contacts with a CSV file. Select Import CSV, then Continue. Then choose and open your CSV file.

Back to top

When you select a link you've received in an email, Advanced Email Security checks the URL in real time to help ensure it's safe. By default, link rewriting is enabled for your organization when you add Advanced Email Security (and we recommend leaving it enabled), but you can customize your options if needed.

  1. Sign in to Advanced Email Security. Select Sign in using Microsoft account and use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
  2. Select Settings.
    Settings button in the menu on the left
  3. Go to the Link Rewriting section.
  4. (Optional) By default, INKY rewrites all links. To disable link rewriting for your organization, clear the checkbox.
    • To exclude URLs from specific senders, select 0 exceptions, enter the sender's details, and then select Save.
  5. (Optional) By default, INKY won't allow users to proceed to a site it classifies as dangerous. To allow users to proceed, clear the checkbox.
  6. (Optional) By default, INKY requires users' confirmation before continuing if a URL or message is classified as harmful or dangerous. To change when confirmation is required, select your desired option:
    • Next to Trusted 3rd Party / Internal mail, select when to require confirmation for links from trusted senders and other users in your organization.
    • Next to External mail, select when to require confirmation for links and messages sent from addresses outside of your organization.
  7. At the bottom of the page, select Save Changes. Changes can take up to an hour to take effect.

Back to top

Trusted third-party senders

If you use a third-party to send messages on behalf of your users, such as an email marketing product (like GoDaddy Email Marketing or MailChimp), Advanced Email Security might flag these messages as internal-sender spoofing. To prevent these warnings, add any third-party senders to your Trusted Third-Party Senders list.

  1. Sign in to Advanced Email Security. Select Sign in using Microsoft account and use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
  2. Select Settings.
    Settings
  3. Next to Domain mapping, enter the sender's domain name (use a comma to separate multiple domain names).
  4. Select the checkbox to Treat messages sent by these third parties as internal mail.
    Domain mapping list
  5. At the bottom of the page, select Save Changes. Changes can take up to an hour to take effect.

Back to top

Spear phishing protection

Advanced Email Security continuously learns and makes predictions to prevent spear phishing, targeted attacks impersonating an individual or business you trust. After you've had Advanced Email Security for a week or two, the technology will have established patterns to prevent spear phishing. At that time, enable spear phishing warnings so you know if an email is trying to trick you into doing something harmful.

  1. Sign in to Advanced Email Security. Select Sign in using Microsoft account and use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
  2. Select Settings.
    Settings
  3. Select the checkbox under Spear Phishing Protection.
  4. At the bottom of the page, select Save Changes. Changes can take up to an hour before they take effect.

Back to top

More info