Actions are based on reports that we have received for your domain. Whenever we receive a report, we take each source/sender and display an Action asking if you recognize the source or not by answering Yes or No. An example of such an Action is shown below.
Answering Yes classifies the source as an Asset ie. service that you recognize and use, and No classifies the source as Threat ie. service that you do not recognize or use. Please keep in mind that seeing a well-known service such as Microsoft Office 365 does not indicate that you should answer Yes to. You should only answer Yes to sources that you use and should be sending emails on your domain’s behalf.
Classifying senders as Threats does not affect your email traffic in any way, it just tells the tool to ignore failures from those senders and helps with the decision making of when you are ready to move to policy of reject.
For each Asset you will receive instructions on how to configure SPF and DKIM, an example is shown below.
Once you have configured SPF and DKIM, you will have to go into Email Sources and for each Asset enter the SPF and DKIM details so you can monitor their status.
The action to configure the Asset with SPF and DKIM will remain until the tool receives reports which confirm that DMARC is passing based on SPF and DKIM.
Sometimes you may have hundreds of actions that need your attention. We have built a feature that enables you to multi-select sources and classify them all at once. In the Actions menu you will see a toggle that can be used to switch between single and multi-select.