Posted by Nishi on 22 January 2025
Email Policies help the administrators control the organization's email sending and receiving parameters. In Zoho Mail, you can define multiple email policies and apply them to various sets of users and groups. You can define email policies to restrict email access from other devices, other networks and also add account restrictions in the email policies.
It also helps the administrator to define and apply different privilege levels and restrictions to users and groups based on their role, requirement, and permissions in the organization. The different types of policies that can be set using Zoho Mail's secure email policy can be classified based on email and domain, access, account and email forwarding restrictions.
Zoho Mail applies the default Zoho Mail Business Policy to users and groups on creation. You can create new policies based on your organization's requirement and apply them to specific users and groups.
In this section, you can define the allowed or blocked domains, email addresses, attachment types and the subject text for incoming and outgoing emails.
The options available under domain restrictions are:
You can define the restrictions for incoming emails, outgoing emails or for both. You can allow or block certain domains for incoming and/or outgoing emails.
Allow: When you specify a domain as allowed domain for outgoing, the users and groups for whom the policy is applied will be able to send emails only to those domains. When they send emails to other domains, the outgoing server will reject them and bounce the email back to the sender.Block: When you specify a domain as a blocked domain, emails can be sent to all the domains, other than the ones specified in the blocked domain.Org Domains only: You can also allow email sending or receiving within the organization domains alone. When this restriction is applied, emails cannot be sent outside the organization domains or received from external accounts.
You can choose no restrictions to allow sending and receiving of emails without any domain restrictions.
The options available under email address restrictions are:
You can define the restrictions for incoming emails, outgoing emails or for both. You can allow or block certain email addresses for incoming and/or outgoing emails.
Allow: When you specify an email address as allowed email address for outgoing, the users and groups for whom the policy is applied will be able to send emails only to those email addresses. When they send emails to other email addresses, the outgoing server will reject them and bounce the email back to the sender. The same can be applied to incoming emails as well. When the restriction is applied for incoming, the incoming emails are delivered only from the allowed email addresses. Any email from the other email addresses not specified in the list will be rejected (bounced back). Block: When you specify an email address as blocked email address, the emails can be sent to all the email addresses, other than the one specified in the blocked email addresses.
You can choose no restrictions to allow sending and receiving of emails without any email address restrictions.
The options available under attachment restrictions are:
You can define the attachment type restrictions for incoming, outgoing or for both. You can allow or block certain attachment types for incoming and/or outgoing emails.
Allow: When you specify some attachment types as allowed type for outgoing, the users and groups for whom the policy is applied will be able to send emails only with the specified attachment type. When they send emails with other attachment types, the outgoing server will reject them and bounce the email back to the sender.Block: When you specify a type as blocked attachment type, the emails can be sent with any other attachment, other than the ones specified in the blocked attachment.
You can make sure that attachments with specific file names are blocked or allowed for both the incoming and outgoing emails.
For example, if you want to specify files with the name check, follow the below instructions:
The options available under email subject restrictions are:
You can define the restrictions for incoming, outgoing or for both. You can allow or block certain subjects for incoming and/or outgoing emails.
Allow: When you specify some subjects as allowed email subject for outgoing, the users and groups for whom the policy is applied will be able to send emails only with that subject. When they send emails with other subjects, the outgoing server will reject them and bounce the email back to the sender.Block: When you specify a subject as a blocked email subject, the emails can be sent with any other subject, other than the ones specified in the blocked subject.
Ex: If you specify the word "pharmacy" in the subject, it will block the emails irrespective of where the word appears in the subject. You can choose no restrictions to allow sending and receiving of emails without any subject restrictions.
You can define the account-based restrictions in this section. In this section, you can provide permissions to add external accounts as POP in Zoho and options to customize their signatures in Zoho Mail. You can also restrict the import/export of emails by the users and groups.
By default, Zoho Mail allows users to configure their external accounts via POP or IMAP. As an administrator, if you do not want the users to access their other accounts via POP, you can turn it off in this section. When turned off, the users for whom the policy is applied, will not be able to add the external accounts via POP.
Zoho Mail allows the users to configure and use multiple signatures for their accounts. As an administrator, you can turn off the feature. When the option is turned off, the users for whom the policy is applied, will not be able to customize their signatures, from the webmail console.
In the webmail and in the Admin Console, users and administrators have a feature to migrate emails in EML or ZIP format using the Import/Export Emails option. For security and privacy reasons, you can choose to turn off this feature for the users through email policy.
When turned off, the users will not be able to import emails into Zoho Mail or export the emails from Zoho Mail.
Users can save incoming attachments to Zoho Docs and also other cloud services like Google Drive, Dropbox, etc. However, the administrator can turn off the Add to Cloud option using the email policy to not allow users to save attachments to cloud storage.
Users can attach files from Zoho Docs or other cloud services like Google Drive, Dropbox, etc. to the emails that they are sending. However, the administrator can turn off the Attach from Cloud option using the email policy to not allow users to add attachments from cloud services.
While composing emails, users will have the option to send emails as a Blind Carbon Copy (BCC). However, the administrator can turn off the Display BCC option, to make sure that users do not have the option to BCC email addresses in their emails.
You can define the access restrictions in this section. You can provide permissions to access the account via POP, IMAP, and/or ActiveSync. Additionally, you can also decide whether the user can set up email forwarding from the account or not.
Zoho Mail allows users to enable their POP access, and retrieve emails via POP in email clients like Outlook, Thunderbird, etc. If you want to enable any access restrictions, you can turn off the POP access for the specific set of users. When turned off, the users, for whom the policy is applied, will not be able to access the Zoho account via POP. If they try to enable POP in webmail, they will receive an error message.
Zoho Mail allows users to enable their IMAP access, and retrieve emails via IMAP in email clients like Outlook, Thunderbird, etc. When turned off, the users for whom the policy is applied, will not be able to access the Zoho account via IMAP in other clients like iPhone, K9 etc.
When turned off, the users for whom the policy is applied, will not be able to access the Zoho account via Active Sync in other clients like iPad, Android etc.
When turned off, the users, for whom the policy is applied, will not be able to configure email forwarding from the Zoho accounts to external accounts.
The POP/IMAP options will be visible to the users in their Settings Page. However, if the admins turn off the Display POP&IMAP Settings option, users will not be able to change their POP/IMAP status. Only the admins will be able to enable/disable POP/ IMAP access for the users' accounts.
The Email Forwarding options will be visible to the users in their Settings Page. However, if the admins turn off the Display Mail Forward Settings option, users will not be able to change their email forwarding settings. Only the admins will be able to add or remove the email forwarding for the users' accounts.
You can also specify the IP restrictions if any for the users to whom the policy is applied to.
The maximum number of open sessions for a specific user account can be set. Turn on the Max Session Count option and enter the necessary limit. A minimum limit of 1 and a maximum limit of 25 can be set. Once the maximum limit set has been crossed, the user will not be able to log into their account in a new session. The user can close the current sessions and then log in to a new one.
If you have set up an IP restriction for your users, you can turn on the Mail Client IP Restriction to apply the IP range if external email clients are being used. Users to whom this policy has been applied will be able to access their mailbox only from this IP range, irrespective of whether they are logging in from webmail or external email clients. If an IP range is not set, this IP restriction will not take effect.
If you would like to restrict the IP addresses from which users can log in to their accounts, you can set up the IP range in the Allowed IP Addresses section. Users will not be able to log in to their accounts outside this IP range.
If you would like all outgoing emails sent by users to whom this policy is applied to be forwarded to another email address in the organization, you can configure it here.
The outgoing emails can be forwarded only to another organization account and not to any external account.
After you have created all the necessary restrictions, you need to apply them to the relevant policy.
Now, the relevant restrictions will be applied to the policy that you have created.
Next, you need to associate this policy with the respective users and groups.
You can also apply the email policy for users and groups in the user-specific or group-specific settings, or even at the time of creating the user or group.
Note:
Was this article helpful?
Subscribe now & Get the latest updates
Zoho Mail provides extensive control panel for the administrators to manage their organization users, email accounts and policies.
Zoho Mail Suite provides enterprise features for email hosting to satisfy the needs of organizations of all types and sizes. Zoho Mail provides custom domain-based email address for all members of your organization in no time.
When you register the domain with one provider, but point the Nameservers to another provider, then the CNAME/ TXT/ MX/ SPF records added in your Domain Registrar is not considered valid.
cPanel provides a control panel for domain owners to manage the different aspects of web hosting. Zoho Mail Plugin for cPanel helps you sign up for email hosting with Zoho Mail from within cPanel. This plugin is available under the Email section.
Plesk is a web hosting platform with a control panel that allows domain owners to manage the different aspects of web hosting. Zoho Mail Plugin for Plesk helps you sign up for email hosting with Zoho Mail from within Plesk.
Zoho Mail Admin Console provides a centralized interface from where you can manage critical aspects of an organization - the different domains, users, groups, organizational spam control, email policies, to name a few. However, this wealth of information might make navigating through the Admin Console slightly challenging.
The Admin Console Dashboard is the first thing you will see as soon as you login to the Zoho Mail Admin Console. It is a culmination of important data your admin might need at their disposal. You can enable or disable widgets in your dashboard including data on your organization's Email Traffic Stats.
The user details section, provides the list of users already added to the organization. When you click on each user, you can have a detailed view about the particular user. The Admin can also perform a set of actions on the user. The primary email address of the users are listed in the section.
The roles available in Zoho Mail are Super Administrator, Administrator, and User roles. The members of the organizations can assume different roles in Zoho Mail, based on the requirement. The Super Administrator can provide Administrator privileges to other users.
Groups or Distribution Lists are common email addresses, shared by a set of users for a specific purpose. When an email is sent to the group account, a copy of the email gets delivered to the mailbox of all the members of the Group.
The administrator can control organization-wide parameters under the Organization section. Settings for the entire organization such as the org name, logo, templates for the welcome email and signature, format for the display name and email address.
Zoho Mail allows organizations to add domains to their organization accounts or even buy domains through Zoho. Your organization members will further be able to send and receive emails using their custom domain-based email addresses in Zoho.
The Autodiscovery service ensures that email accounts can easily be configured using the IMAP protocol or on mobile devices using ActiveSync. The procedure varies depending on whether you want to configure it for IMAP or ActiveSync.
Email Policies help the administrators control the organization's email sending and receiving parameters. In Zoho Mail, you can define multiple email policies and apply them to various sets of users and groups.
With Zoho Mail, you can redirect or send a copy of an email automatically by configuring Email Routing. Email Routing is helpful in many situations like if you want to automatically send a copy of one user's email to another.
The security and compliance dashboard in the Zoho Mail Admin console provides an overview of all the recommended security configurations. It displays the overall compliance score.
Organization accounts hold a lot of sensitive data and there's a need for certain security rules to make sure your data stays safe and is not compromised. The administrator can protect their user and organization data with the help of email security features.
Zoho Mail is a secure email service with a spam control system that provides multiple options to customize the settings such that they suit your organization's needs.
Zoho Mail users can now experience enhanced email security and have better control over their preferences with the new Outlook Add-in while using their email client.
The Zoho Mail Admin Console provide options to export or backup users' emails, recover any deleted emails and also retry sending of emails that have failed delivery.
Zoho Mail offers a very simple solution to migrate data from your previous email provider to the respective user accounts in Zoho Mail directly. These user accounts need to be created in Zoho Mail before adding the migration.
Zoho user and email migration wizard can be used to discover users and migrate their emails from the Active Directory/ Exchange environment to their accounts in their Zoho Mail organization accounts.
The administrator can control the settings for other Zoho apps and third-party applications and integrations from the Other App Settings section in the Zoho Mail Admin Console.
Email retention is the process of retaining emails in an organization for a specific period in an organized manner based on the policies of the organization.
Email backup processes and stores emails in a safe, centralized location that can be retrieved at any point in time. It helps prevent data loss by enabling users to restore email content that has been accidentally deleted or lost.
Zoho Mail has a separate Admin Reports section which comprises of statistics on various aspects of your organization's emailing experience. As an administrator, these reports will help you gain information on all aspects of your organization.
Zoho Mail provides easy-to-use diagnostic tools to troubleshoot some services. There are options to check the domain and registry details. You can run some basic DNS configuration checks for a specific domain, and analyze message headers.
Zoho Mail offers different plans to accommodate different users. One can choose the subscription that would suit their organization from the array of available plans. You can also opt for the mix and match plan to have a tailor-made subscription.
Configure your firewall settings and allow your organization members to access Zoho Mail without any restrictions. All of the below-mentioned domains have to be whitelisted even if you don't see activity at those addresses.
Email:
sales@fgrade.com
Call us:
+917569743290