Inbound Email and Domain Rules
The XRM module includes a subsystem for managing inbound email routing and filtering. Four configuration areas work together to define how incoming email is handled: domain-level rules filter by sender domain, email address configuration defines recipient behaviour, email-level rules filter by sender address, and quarantine records hold messages flagged for review.
Architecture
Inbound email processing follows a layered evaluation model:
Domain rules
Domain rules filter inbound email at the sender's domain level before any per-address processing occurs.
| Field | Purpose |
|---|---|
domain_id | The receiving domain this rule applies to |
inbound_sender_domain_matches_text | Sender domain patterns to match |
inbound_sender_domain_match_type | Match strategy: exact or regex |
inbound_sender_domain_match_rule | Action to take (e.g. drop, quarantine) |
inbound_sender_domain_match_destination | Optional forwarding destination |
Match types
exact— the sender's domain must exactly match one of the values in the arrayregex— the sender's domain is tested against each array entry as a regular expression
Email address configuration
Email address configuration controls how specific recipient email addresses, identified by their local part, behave by default.
| Field | Purpose |
|---|---|
domain_id | The receiving domain |
inbound_email_recipient_local_parts | Local parts this config applies to (e.g. sales, accounts) |
inbound_email_default_match_rule | Default action for unmatched senders |
inbound_email_default_destinations | Default forwarding addresses |
inbound_email_quarantine_retention_days | How long quarantined messages are kept (default: 90) |
inbound_email_quarantine_notification_frequency | Notification schedule |
inbound_email_quarantine_notification_day | Day of week/month for notifications |
Default match rules
| Code | Meaning |
|---|---|
D | Drop — discard the message silently |
Q | Quarantine — hold for review (default) |
ID | Identify and drop — log the message then discard |
IQ | Identify and quarantine — log and hold for review |
F | Forward — deliver to the configured destinations |
Notification frequency
| Code | Meaning |
|---|---|
I | Immediate — notify on each quarantined message |
D | Daily digest |
W | Weekly digest (notification day: 0=Monday, 6=Sunday) |
M | Monthly digest (notification day: 0=last day of month, 1–31=day) |
Email rules
Email rules provide sender-specific overrides for a configured email address. They evaluate after the domain rules pass and allow finer-grained control.
| Field | Purpose |
|---|---|
email_id | The email address configuration this rule belongs to |
inbound_sender_email_local_part_matches_text | Sender local parts to match (e.g. spam, noreply) |
inbound_sender_email_match_type | Match strategy: EXACT or REGEX |
inbound_sender_email_match_rule | Action to take (same codes as default match rules) |
inbound_sender_email_match_destinations | Optional override forwarding addresses |
Quarantine items
Messages that are quarantined are stored with full headers and optional body content.
| Field | Purpose |
|---|---|
domain_id | The receiving domain |
message_from_email | Sender address |
message_to_email | Recipient address |
message_subject | Email subject line |
message_body_text | Plain text body |
message_body_html | HTML body |
message_object_store_identifier | Object storage bucket/container identifier |
message_object_key | Object storage key for the full message |
message_action | The action that was applied |
message_destination | Where the message was or would be forwarded |
Traceability
Each quarantine item records which domain, email address, or sender rule caused it to be held. This allows administrators to trace why a specific message was quarantined and adjust rules accordingly.
Object storage
For large messages, the full content may be stored in external object storage. The quarantine record keeps the storage reference, while the text and HTML body fields may contain a truncated preview or be empty if the full content is only in object storage.
Authorisation
Inbound email settings and quarantine records are scoped to the tenant. Authenticated users can review relevant configuration and quarantine history, while changes require the appropriate permissions.