What is Inbound Shield?
Inbound Shield is a security feature that filters incoming emails using a whitelist-only approach. This means:
Block by Default, Allow by Exception
All incoming emails are blocked unless the sender is in your trusted sources list.
What Gets Blocked
- • Spam emails
- • Phishing attempts
- • Marketing newsletters
- • Unknown senders
What Gets Through
- • Emails from trusted domains
- • Verified specific senders
- • Other staff members
- • Group distribution emails
Managing Trusted Sources
Trusted sources are senders that are allowed to deliver emails to your staff.
Domain Whitelist
Allows all emails from a specific domain
@payroll-provider.com
Specific Sender
Allows only a specific email address
hr@external-consultant.com
Adding a Trusted Source:
- Go to Security → Inbound Shield
- Click "Add Trusted Source"
- Choose the type (Domain or Specific Sender)
- Enter the domain or email address
- Save - the trusted source is now active
Common Trusted Sources
Services and domains you should consider adding:
| Category | Example | Why |
|---|---|---|
| Payroll Services | @adp.com, @workday.com | Payslips and payroll notifications |
| HR Platforms | @bamboohr.com | HR communications and policies |
| Government | @gov.example | Official tax and compliance notices |