Fallback Workflows for Internal Traffic

In case Protect (Inline) protection for internal emails is not enabled, internal emails are inspected in Detect and Remediate mode.

As they share the policy with incoming emails, workflows defined for inline protection cannot be applied on the internal emails.

Therefore, for every inline workflow defined for incoming emails, these workflows are applied for internal traffic:

Threat Detection Policy Workflow for Incoming Emails Threat Detection Policy Workflow for Internal Emails Comments
Quarantine (Prevent (Inline) or Detect and Remediate protection mode) Quarantine (Prevent (Inline) or Detect and Remediate protection mode) N/A
Email is allowed. Deliver to Junk Email is allowed. Deliver to Junk N/A
Do nothing Do nothing N/A
Email is allowed, Header is added to the email Do nothing If you want the fallback workflow as Quarantine, contact Avanan Support.
User receives the email with a warning User receives the email with a warning N/A
Require end users to enter the password Require end users to enter the password Workflow relevant for Password Protected Attachments Protection.
Add [SPAM] to subject Add [SPAM] to subject N/A
Deliver with Smart Banners Do nothing N/A