Alerts let you set up robust and customizable alert policies for your account configuration and email traffic. Setting up alerts is a great way of making sure you are always up to date with the email traffic activity of your domains.
In this article, we will explore the various types of alerts that can be configured and their importance for your account's health.
The Alerts are split into 2 categories, the Smart Alerts and the Configurable Alerts.
Below you will see every type of Alert explained and the account package type the respective alert is available on.
Smart Alerts are only available for Premium and Enterprise account packages.
The following are Smart Alerts:
MFA personal-level updates
MFA account-level updates
SSO updates
Domain added
Domain deleted
Possible internal sender
Configurable Alerts are only available for Enterprise and Premium account packages.
The following are Configurable Alerts:
DMARC policy updates
Enabled senders DMARC(Enterprise only)
Executive report
New services detected
Record configuration changes(Enterprise Only)
Suspicious sending alert
Smart and Configurable Alerts that are available in Valimail Monitor:
The following are Smart Alerts:
MFA personal-level updates
MFA account-level updates
SSO updates
Domain added
Domain deleted
The following are Configurable Alerts:
Known Sender DMARC Rate Change (The equivalent of the Enabled senders DMARC for Enforce)
New services detected
Suspicious sending alert
Smart Alerts
Note: Smart Alerts are not configurable.
Smart Alerts are sent automatically when you make modifications on the account.
Examples: (when you add or delete a domain, when you enable/disable the SSO/MFA, etc.)
Below you can find a description and example of each Smart Alert.
MFA personal-level and account-level updates alerts
Know instantly when your MFA has been changed, on either the account or user level.
Enforce packages: Premium, Enterprise.
1. User MFA Alert: this alert is sent to each user when changes to their personal Enforce account are detected.
Example of User MFA Alert:
2. Account MFA Alert: this is alert is sent to the account owner when changes to Enforce account MFA settings are detected.
Example of Account MFA Alert:
SSO Updates alert
This alert notifies an account owner when changes to SSO occur on their account. The alert will appear in the account owner's email and Enforce Notification Center.
Enforce packages: Premium, Enterprise
Example of SSO Updates alert:
Domain added and Domain deleted alerts
You will now receive a default alert every time a new domain is added or deleted to your account. The alert will appear both in your email and in the Enforce notifications and will only go to account owners.
Enforce packages: Premium, Enterprise
Example of Domain added alert:
Example of Domain deleted alert:
Possible Internal Sender alert
This alert notifies the account owner when the unidentified senders for an IP represent more than 10% of all unidentified senders within a 30-day period. This lets the account owner know that a sender might be an internal sender that is being blocked, enabling the owner to take the action needed. The alert will appear in the account owner's email and Enforce Notification Center.
Enforce packages: Premium, Enterprise
Example of Possible Internal Sender alert:
Configurable Alerts
Below you will see every type of Configurable Alert setup exemplified.
DMARC Policy Updates alert
Enforce packages: Enterprise
This alert will notify you when there are changes to your DMARC policy. You can choose to add this alert for a specific domain or all domains on your account. This alert will let you know if your DMARC enforcement policy changes or if there are issues with your existing DMARC record.
Alert setup:
1. Log in to the Valimail portal
2. Click on ENFORCE SETTINGS
3. Click on Alerts
4. Click on DMARC Policy on the Type of Alert drop-down menu
5. Click on ADD A CUSTOM ALERT
6. Enter your email address
7. Select a domain from the list
8. Click on ADD CUSTOM ALERT
Examples of DMARC Policy Update alert:
DMARC Policy Changes p=none
DMARC Policy Changes p=quarantine
DMARC Policy Changes p=reject
Enabled Senders DMARC alert
Enforce packages: Premium, Enterprise
This alert allows you to be notified when an enabled sender on a specified domain hits a certain DMARC pass rate threshold.
The threshold options are:
Passing (95-100%)
Partially Passing (51-94%)
Failing (0-50%).
These percentages are calculated over a rolling 30-day period. This alert will allow you to keep tabs on senders that might need additional configuration, senders that have had new instances added, or senders that have been configured incorrectly.
Alert setup:
1. Log in to the Valimail portal
2. Click on ENFORCE SETTINGS
3. Click on Alerts
4. Click on Enabled Senders DMARC from the Type of Alert drop-down menu
5. Click on ADD A CUSTOM ALERT
6. Enter your email address, then pick the Domain, Sender, and Authentication rate threshold
7. Click on ADD CUSTOM ALERT
Example of the Enabled Senders DMARC alert:
Executive Report alert
Enforce packages: Premium, Enterprise
This alert allows you to sign up for a notification when a new executive report is available for your account. The executive report will contain an overview of your account's email activity over the selected period of time. This is a great way to keep yourself up to date without logging into the Valimail application.
Alert setup:
1. Log in to the Valimail portal
2. Click on ENFORCE SETTINGS
3. Click on Alerts
4. Click on Executive Report from the Type of Alert drop-down menu
5. Click on ADD A CUSTOM ALERT
6. Enter your email address and select the report cadence
7. Click on ADD CUSTOM ALERT
Example of an Executive Report alert:
New Services Detected alert
Enforce packages: Premium, Enterprise
This alert will send a notification whenever a new service starts sending mail on behalf of your domain(s). We recommend that you review the service and determine if they are legitimate or not.
In most cases, these will not be authorized, but can also mean that someone in your organization is trying to set up a new service without following the proper internal procedure.
Alert setup:
2. Click on ENFORCE SETTINGS
3. Click on Alerts
4. Click on New Service Detected from the Type of Alert drop-down menu
5. Click on ADD A CUSTOM ALERT
6. Enter your email address
7. Click on ADD CUSTOM ALERT
Example of New Services Detected alert:
Record Configuration Change alert
Enforce packages: Enterprise
This alert lets you know when there are any changes to your DMARC, DKIM, or SPF configurations.
It is very important that your DMARC, DKIM, and SPF records are pointing to Valimail at all times in order to make sure our service can effectively protect your domains and also prevent legitimate traffic from being blocked or quarantined.
DNS downtime or syntax errors resulting from DNS changes can be addressed much faster if this alert is turned on. We only look at the last record update from the previous day in order to avoid sending multiple emails due to flapping DNS.
Our recommendation is to set up this alert for all domains and all record types.
Alert setup:
2. Click on ENFORCE SETTINGS
3. Click on Alerts
4. Click on Record Configuration Change from the Type of Alert drop-down menu
5. Click on ADD A CUSTOM ALERT
6. Enter your email address, select the Domain and the record type that you wish to monitor
7. Click on ADD CUSTOM ALERT
Example of Record Configuration Changes alert:
Suspicious Sending alert
Enforce packages: Premium, Enterprise
This alert lets you know when the amount of traffic from Unidentified IPs reaches a certain predetermined threshold.
This type of traffic will be malicious most of the time, but there can be situations where legitimate traffic from a newly configured email system will show up in the Unidentified Senders section.
In this scenario, we recommend reaching out to our support team, who can facilitate adding the newly configured email system to our catalog or sending services.
This alert can only be configured for domains that are not enforcing DMARC(p=none) and are vulnerable to spoofing attacks. Setting your domain's DMARC policy to quarantine or reject will instruct the receiving email gateways to take action against this type of attacks, and there is no need to worry about it. However, if you are interested in spoofing levels for your domains which are at Enforcement, you can see this under Authentication Reports -> Unidentified or on the Account Overview page.
Alert setup:
2. Click on ENFORCE SETTINGS
3. Click on Alerts
4. Click on Suspicious Sending
5. Click on ADD A CUSTOM ALERT
6. Enter your email address, select the Domain, the Unidentified traffic percentage, and the alert cadence.
7. Click on ADD CUSTOM ALERT
Example of Suspicious Sender alert:
Email alerts notifications
All the above Email Alerts will be sent from [email protected] and will contain one of the subjects below:
Alert: Issues with your DMARC record
Alert: Issues with your SPF record
Alert: Issues with your DKIM record
Alert: New Domain
Alert: Deleted Domain
Alert: MFA Change
Alert: SSO Change
Alert: Suspicious Sending
New email services for YourDomain.com