Graymail is a non-malicious bulk email sent from legitimate sources. Examples of graymail include newsletters, announcements, or advertisements that users may have previously opted-in for. Defend can detect and action a graymail with the following functionality:

• Graymail banners
• Moving mail to a _Graymail folder
• Report as Graymail/ not as Graymail buttons on the email summary page

Pre-Requisites

• A Defend user group in Microsoft 365
• Both the Admin Features and User Analysis options are successfully linked to a tenant on the Defend Settings page.

Graymail User Group

The Egress_Defend_Graymail_Users group contains users who have access to Defend’s graymail functionality. This group determines which users receive graymail protection features and notifications. Custom group names can be specified while the graymail feature is disabled by entering the group's mail address in the Graymail User Group field.

Enablement Steps

The following steps must be completed by your Defend admin. Once complete, the _Graymail folder will appear for users in the Defend user group upon receiving their first email flagged as Graymail.

1. Ensure the prerequisites have been met.
2. Log in to the Defend console.
3. Navigate to Settings.
4. Enable the Graymail banners and the Graymail reporting options.
5. Enter your graymail group's mail address into the Graymail User Group field.
6. Select Save Changes.