The “IF” menu allows you to choose under which condition the rule will be applied.
If you are not sure what any of these conditions mean, take a look at the following list.
Sensitivity score
Each email sent with Trustifi receives a score according to potentially sensitive content that was found in the body or attachments of the email.
Sensitivity scores are graded from 0 to 5, with increments of 0.1 between each score.
A score of 5 would represent highly personal or sensitive data like a credit card number or a social security number, while a low score of 1 would represent data that is potentially sensitive in some cases like an email address.
For a more detailed explanation, search for “Sensitivity Engine” in our Support menu.
Sensitivity type
Sensitive content found in emails or attachments is divided into categories such as “Financial information”, “Social security information”, “Medical information”, etc.
By choosing which sensitivity types (you can select as many as you want) to look for, you can narrow down your rule definition so that it only applies to specific types of sensitive information.
In the “Select Sensitivity Types” window, you can select multiple data types that Trustifi can automatically detect in emails. Use the search bar at the top right to find the specific data types you are interested in.
If you are interested in finding a pattern/data type that is not listed here, you can add your own sensitivity type by clicking on the “Add Sensitivity Type” button at the top left. You will need to give this sensitivity type a name, a Regular Expression (regex) pattern, and a score. You will then be able to use your custom data type for sensitivity detection in sent emails.
Compliance
The email will be searched for keywords and content that are relevant to different compliances: GDPR, FERPA, HIPAA, PCI, CCPA, POPI, LGPD, PDPO, and GLBA.
You can choose multiple compliances for one condition.
MTA
The rule will be triggered if either the IP, CIDR, or hostname of the sending MTA matches one of the provided values. You can choose to add values of either type:
IP addresses
CIDR (IP range)
Hostname
Keywords
You may choose to search the body and/or subject of the email for keywords of your choice.
You may enter as many keywords as you want (separated by commas).
Entire phrases/sentences can also be used.
Keywords are not case-sensitive.
Addresses
Check if any of the email recipients (From/To/Cc/ or all) match one or more email addresses that you have specified.
You may enter as many addresses as you want (separated by commas).
Note that Trustifi offers many different match conditions for addresses:
“Exact match” – Will match for the specific addresses only
“Starts with” – Will match for any address that starts with the provided string
“Ends with” – Will match for any address that ends with the provided string
“Internal” – Addresses from the user’s internal domains
“External” – Addresses not from the user’s internal domains
“Belongs to” – Will match for addresses that belong to any group from the provided list
“Contains” – Will match for any address that contains the provided string
Attachment types
The rule will be triggered if an email contains any of the selected attachment types (e.g. ZIP archives or CSV files).
You may also select the “All attachment types” option so that the rule applies to emails with any kind of attachment.
At least one domain
Checks if any of the email’s recipients (From/To/Cc/ or all) are hosted in a domain that you have specified. You may enter as many domains as you want (separated by commas).
Note that Trustifi offers many different match conditions for domains:
“Exact match” – Will match for the specific domains only
“Internal” – Domains from the user’s internal domains
“External” – Domains not from the user’s internal domains
“Free email domain” - Will match for free public domains such as Gmail or Yahoo
All the domains
The rule will be triggered only if all the recipients (From/To/Cc/ or all) are from the list of specified domains.
You may enter as many domains as you want (separated by commas).
Difference in domain groups
Checks for differences between the sender’s domain and the domains of the recipients.
For example – if the difference level is set to 1, the rule will be applied if any one of the recipients is in a domain different from the sender.
This condition is useful for enforcing rules on internal or external emails only.
Groups
The rule will be applied only if the email is sent to any one of the contact groups selected by the admin.
You may select as many groups for this condition as you want.
Custom header value
The rule will be applied for any email containing a header that matches the specified name and value.
Both the name and value must match for the rule to be applied, both are case-sensitive.
Total unique domains
The rule will be triggered if the total number of unique domains in To/Cc/Bcc is greater or equal to the specified value.
Email methods
The rule will be triggered if any security methods (encrypt content/MFA/both) have been enabled in the email.
Sent Hour
For this condition, the rule will be triggered if an email has been sent within the select time range. When using this condition, you will need to select a start time and an end time. The start time has to be earlier than the end time.
Sent Day
For this condition, the rule will be triggered if an email has been sent during one of the selected weekdays. When using this condition, you can select multiple weekdays.