Allowed and blocked senders

To protect against unwanted messages, you can block senders by email address, domain, IP address, or subnet. This way, you can block messages from specific sources, even if they pass the Spamoborona check.

This option is available with the Extended and Optimal plans.

Preparation

Currently, you can only manage the lists of allowed and blocked senders via the API and by implementing the Domain policy rules.

  1. To work with the API, you'll need an OAuth token, which you can get after creating an application in the Yandex OAuth service.

    • If you don't have an OAuth application yet, follow the instructions on the Access to API page to create one and obtain a token. When creating an application, select the permissions ya360_admin:mail_write_routing_rules and ya360_admin:mail_read_routing_rules.
    • If you already have an OAuth application for working with the Yandex 360 for Business API, add permissions to work with domain policies and message filters, then get a new OAuth token following the instructions.

  2. Find the organization ID: go to the company account and select General settings → Company profile. You can see the ID below the organization name.

How to view all filters

  1. Prepare and submit a GET request:

    curl -X GET -H "Authorization: OAuth {oauth_token}" https://api360.yandex.net/admin/v1/org/{orgId}/mail/routing/policies

    Substitute the following values into the code:

    • {orgId}: Organization ID.
    • {oauth_token}: OAuth token.

  2. The response to the request returns filters with the lists of allowed and blocked senders.

How to add a sender to the list

You can add a sender to an existing filter or create a new one.

Alert

New email addresses and filters are added by overwriting existing data. To make changes without losing the existing filters, export the current list of filters, edit it, and then upload the updated list again.

  1. Prepare and submit a GET request:

    curl -X GET -H "Authorization: OAuth {oauth_token}" -o body.json https://api360.yandex.net/admin/v1/org/{orgId}/mail/routing/policies

    Substitute the following values into the code:

    • {orgId}: Organization ID.
    • {oauth_token}: OAuth token.

  2. The existing filters will be saved to the body.json file.

  3. Open the file in any text editor. Example content:

    {
    "rules": [{
            "name":{name},
            "description":{description},
            "enabled":{state},
            "condition":{
                "email_from_filter":{
                    "list": [
                        "username@domain.ru",
                        "username@my.domain.ru",
                        "username@SOME.DOMAIN",
                        "username@other.domain.ru"
                    ]
                }
            },
            "action":{
                "type":{action},
                "options":{
                    "force":{tag}
                }
            }
        }
    ]
}

    Here:
    {name} is the name of the filter, such as "Blocked email addresses",
    {description} is a short description of the filter, such as "Block unwanted messages",
    {status} is whether the rule should be enabled: true — rule enabled, false — rule disabled,
    {action} is the action that will be performed: reject — reject the message, accept — accept the message,
    {tag} is whether the accepted message should be additionally tagged: spam — considered to be spam, ham — considered not to be spam, even if Spamoborona flagged it as spam. The parameter is used only if type=accept.

    For each filter, the condition parameter can specify only one of the listed conditions:

    • email_from_filter: List of email addresses.
    • ip_filter: List of IP addresses and subnets.
    • domain_filter: List of domains (the listed values may contain the wildcard character * to denote any subdomains for a higher-level domain. See example.)

  4. Add the sender to the relevant list within an existing filter or create a new filter. The order of filters in the list matters: the closer a filter is to the top, the higher its priority.

    Example file with multiple filters
    {
    "rules": [{
            "name": "Blocked email addresses",
            "description": "Block unwanted messages",
            "enabled": true,
            "condition":{
                "email_from_filter":{
                    "list": [
                        "username@domain.ru",
                        "username@my.domain.ru",
                        "username@SOME.DOMAIN",
                        "username@other.domain.ru"
                    ]
                }
            },
            "action":{
                "type": "reject"
            }
        },{
            "name": "Blocked domains",
            "description": "Reject unwanted messages",
            "enabled": true,
            "condition":{
                "domain_filter":{
                    "list": [
                        "SOME.DOMAIN",
                        "other.domain.ru",
                        "*.download"
                    ]
                }
            },
            "action":{
                "type": "reject"
            }
        },{
            "name": "Allowed IP addresses",
            "description": "IP addresses of partners",
            "enabled": true,
            "condition":{
                "ip_filter":{
                    "list": [
                        "44.33.22.11",
                        "255.255.0.0/16"
                    ]
                }
            },
            "action":{
                "type": "accept"
            }
        },{
            "name": "Suspected spam",
            "description": "Sort to the spam folder",
            "enabled": true,
            "condition":{
                "ip_filter":{
                    "list": [
                        "55.55.33.33"
                    ]
                }
            },
            "action":{
                "type": "accept",
                "options":{
                    "force": "spam"
                }
            }
        }
    ]
}

  5. Save the file.

  6. Prepare and submit a PUT request:

    curl -X PUT -H "Authorization: OAuth {oauth_token}" -H "Content-Type: application/json" -d "@body.json" https://api360.yandex.net/admin/v1/org/{orgId}/mail/routing/policies

    Substitute the following values into the code:

    • {orgId}: Organization ID.
    • {oauth_token}: OAuth token.

  7. A successful request returns a response with status code 200.

How do I make API requests?

  1. Prepare the request: copy and paste the sample code above into any text editor, replacing the values with your token and ID.

  2. Open the folder where the file body.json will be saved.

  3. Click on empty space in the address bar.

  4. Type cmd there and press Enter.

  5. The "Command line" window will open. Insert the request you've prepared and press Enter.

API documentation

Full details on all methods for managing the lists of allowed and blocked senders are available in the documentation.

Yandex technology designed to combat spam.

These instructions describe what action to take with a message when the specified conditions are met.

API is a special mechanism for managing Yandex 360 services, designed primarily for process automation. There are two ways to work with the API: create a special application (which can be done by a developer) or use the computer's command line. Complete documentation for developers.

  • The value *.com corresponds to all email addresses on the domain com.
  • The value *.yandex.ru corresponds to all email addresses on any yandex.ru subdomains, except for addresses directly on the main yandex.ru domain.

Special code allowing access to data on behalf of a specific user.

API request to modify a resource on the server. It's used to send new data to the server for an existing object.

API request to retrieve a resource from the server. It's used to retrieve data from the server based on specific parameters.

Previous
Email clients
Next
Gateway connection