Customer Remediation
Remediation is the process of assessing and taking action on malicious emails. Go to Email Security > Configuration > Mail Flow > Remediation, where you can select automatic remediation for all your users or keep the default option of manual remediation.
Note
When auto remediation is selected at the MSP level, it is enabled for all customers. However, a customer admin can revert to manual remediation, and override the auto remediation setting by the MSP. It is important to note that once the customer admin overrides the MSP selection, inheritance between the MSP level and the customer level is broken.
The Remediation tab is active by default when you access the Mail Flow page.
Manual remediation (default): By default, Email Security is configured for manual remediation, which means that administrators must assess user-reported threats and select a remediation option.
Administrators will need to assess and manage those emails by going to Email Security > Incidents and viewing the Action Needed tab. See Incidents for additional information.
Auto remediation for all users: If you select this option, then all malicious emails for all your users are delivered directly to their junk folders.
You can view the emails that have been auto remediated in the Resolved tab at Email Security > Incidents. If you decide that the email is safe, you can choose to add the sender to the Allow List or mark the email as safe. See Incidents for additional information.
If you decide to change the default setting of Manual remediation and enable Auto remediation for all users, select Save. You'll be prompted to confirm your decision: