Nearby Domain Rule

This Rule compares domains in the email header to your configured domains. It will trigger when domains in the header are very similar to (but not identical to) your configured domains. For example, a spam email delivered to may contain headers from

You can use this Rule to catch spam emailed that are designed to appear on casual inspection as if they originate from your domain.

To set up this Rule:

  1. Visit your USS Dashboard and click ProductsE-mail SecurityMessage Rules.
  2. Click to create a new Rule.
  3. Give the Rule a sensible name, like "Nearby domains", and click .
  4. Add a Direction Condition, with the logic set to Matches: Inbound.
  5. Add a Nearby Domains Condition, with the logic set to Less Than: 3
  6. Add a Nearby Domains Condition, with the logic set to Greater Than: 0
  7. Add an Add to Spam Score Action. Set the value to 108. This will digest the message, should other Rules not detect it.
  8. Do not add a Final Action.
  9. Make sure that the Active checkbox is enabled.
  10. Click .
  11. Drag the new Rule to a sensible place in your Message Rules list. If your Service Provider has configured a set of sensible default Rules, placing this new Rule above the Confirmed Phishing Rule is a good choice.

The completed Rule should look like this:

How did we do?