Configure Workflow Rules

Workflow rules define which outbound messages trigger actions. When INKY detects conditions you specify, it applies the actions you choose.

Written By Matt Sywulak

Last updated 4 days ago

Creating a Rule

  1. Navigate: Admin Center → Outbound Protection Settings Outbound Protection - INKY

  2. Click: Add Rule

  3. Configure conditions and actions (see below)

  4. Save

Setting Conditions

Use the rule editor to define what triggers the rule:

Condition Logic:

  • Toggle between AND (all must match) and OR (any can match)

  • Combine multiple conditions for precision

Available Conditions:

  • Data Types - Credit cards, SSNs, passports, bank accounts, medical info, crypto addresses

  • Email Headers - Subject, from, to, custom X-INKY headers

  • Content Patterns - Custom regex for specific phrases or formats

  • Workflow Headers - Match internal routing signals (e.g., "outside" for external recipients only)

Example: Detect SSNs AND external recipients:

Workflow Header: Matches "outside" Data Type: Matches "National IDs"

Data Type Exclusions

Data Type Exclusions are currently in beta and behind feature flags. If you’d like to test, please reach out to support.

When you add a Data Types condition to a rule, you can configure exclusions per data type. Exclusions let you avoid triggering the rule for specific patterns or contexts—for example, detecting SSNs while excluding certain formats or use cases.

How to access: Select the Data Types condition in the rule editor. Exclusion options appear for each data type you add.

  • Per-data-type configuration — Each data type (e.g., SSNs, credit cards, passports) has its own exclusion settings. Configure exclusions separately for each type.

  • Context filter — A context filter is shown only when it applies to the selected data type. Use it to narrow or broaden when the exclusion applies.

  • Info tooltip — An info icon next to exclusions explains how they work and how to configure them.

Note: Exclusions are scoped to each data type independently. Exclusions for one data type do not affect others.

Setting Actions

Choose what happens when conditions match:

Sender Confirm - User approves their own message Approval Required - Designated approver must review Encrypt - Automatically send via encryption portal Quarantine - Hold for admin review

Action Order: If multiple rules trigger, actions apply in this order:

  1. Sender Confirm

  2. Approval Required

  3. Encrypt

Rule-Level Approvers

Override global approvers for specific rules:

  1. Add Approval Required action

  2. Click gear icon on the action

  3. Select Approver Overrides

  4. Choose specific approvers for this rule

  5. Set Backup Trigger (hours before expiration to notify default approvers)

Default Rules

INKY provides two disabled rules to start:

  • Personally Identifiable Information - Detects IDs, licenses, passports

  • Business Related Information - Detects financial and medical data

Enable and customize these or create your own.

Best Practices

  • Start narrow - Begin with high-risk data types, expand gradually

  • Test first - Use audit for new rules before performing actions

  • Monitor results - Review triggered rules in Workflow Portal