Skip to main content
Skip table of contents

Policy & Rule Hierarchy

Policy Hierarchy

Policies are applied in the following order:

  1. User

  2. Domain

  3. Organization

Example: A policy applied to joe.bloggs@example.com would be validated before any domain specific policy or the organization's default policy.

It is not possible for a user to have more than one policy.

Rule Category Hierarchy

Rule categories are applied in the following order:

  1. Edge Custom Rule

  2. Edge Allow Rule

  3. Edge Block Rule

  4. Custom Rule

  5. Allow Rule

  6. Block Rule

Example: An edge custom rule would be validated before any other rules categories.

Custom Rule Execution Hierarchy

Custom rules are executed in the following order and within each level it is applied to, there is additional ordering depending on the rule type.

Applied to:

  1. User

  2. Domain

  3. Organisation

Rule Type:

A. Edge Custom Allow Rule: Sending email address

B. Edge Custom Allow Rule: Sending domain name

C. Edge Custom Block Rule: Sending email address

D. Edge Custom Block Rule: Sending domain name

E. Custom Allow Rule: Sending email address

F. Custom Allow Rule: Sending domain name

G. Custom Block Rule: Sending email address

H. Custom Block Rule: Sending domain name

Example: An edge custom rule created for the user “homer.simpson@meshsecurity.io” to deliver emails from “skinner@example.com” (1A) would be validated before other custom rules.

Allow / Block Rule Execution Hierarchy

Rules are executed in the following order and within each level it is applied to, there is additional ordering depending on the rule type.

Applied to:

  1. User

  2. Domain

  3. Organisation

Rule Type:

A. Edge Allow Rule: Sending email address

B. Edge Allow Rule: Sending domain name

C. Edge Block Rule: Sending email address

D. Edge Block Rule: Sending domain name

E. Allow Rule: Sending email address

F. Allow Rule: Sending domain name

G. Block Rule: Sending email address

H. Block Rule: Sending domain name

Example: An allow rule created for the user “hans.moleman@meshsecurity.io” to deliver emails from “john@example.com” (1E) would be validated before other allow or block rules, but not edge or custom rules.

Order of Execution Summary

To help visualize the order of execution, please see the below tables.

Our filter will process the rules in the order: Table 1→ Table 2 → Table 3 → Table 4.

If no rule is found, it will move to the next check.

If a rule is found and executed, it will break out of the loop and will not check for subsequent rules.

Table 1

Custom Rule

Edge Slider Enabled

Action

Allow Email Address

Allow Domain Name

Block Email Address

Block Domain Name

User

1st

2nd

3rd

4th

Domain

5th

6th

7th

8th

Organisation

9th

10th

11th

12th

Table 2

Allow / Block rule

Edge Slider Enabled

Action

Allow Email Address

Allow Domain Name

Block Email Address

Block Domain Name

User

13th

14th

15th

16th

Domain

17th

18th

19th

20th

Organisation

21st

22nd

23rd

24th

Table 3

Custom Rule

Edge Slider Disabled

Action

Allow Email Address

Allow Domain Name

Block Email Address

Block Domain Name

User

25th

26th

27th

28th

Domain

29th

30th

31st

32nd

Organisation

33rd

34th

35th

36th

Table 4

Allow / Block rule

Edge Slider Disabled

Action

Allow Email Address

Allow Domain Name

Block Email Address

Block Domain Name

User

37th

38th

39th

40th

Domain

41st

42nd

43rd

44th

Organisation

45th

46th

47th

48th

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.