Back to Blog
Management

Granular Policy Management: Rules That Actually Work

6 min read

Email security isn't one-size-fits-all. Your organization has unique requirements, trusted partners, and specific threats. You need a policy engine that adapts to your needs—not the other way around.

SecZim's policy system gives you complete control with an intuitive interface that doesn't require a PhD in regular expressions.

Priority-Based Rule Execution

Rules execute in priority order. First matching rule wins. This simple model makes complex policies easy to understand and debug.

# Action Condition
1 ACCEPT sender = *@trusted-partner.com
2 REJECT sender = *@competitor.com
3 REJECT country IN (RU, CN, NG)
4 ACCEPT recipient = support@company.com

Powerful Matching Options

Match on any attribute of an email connection. Combine conditions for precise targeting.

Sender Patterns

*@domain.com

Match entire domains or specific addresses

Recipient Patterns

support-*@company.com

Wildcard matching for recipient addresses

IP Ranges

192.168.0.0/16

CIDR notation for network ranges

Geographic

country = US

Filter by sender's country

Regex Patterns

~invoice-\d+@

Full regex for complex matching

Combined Rules

sender AND country

Multiple conditions in one rule

Regex Support for Power Users

When simple patterns aren't enough, use full regular expressions. SecZim supports POSIX regex for complex matching scenarios:

  • Match invoice patterns: invoice-[0-9]{6}@
  • Block numbered addresses: user[0-9]+@spammer\.com
  • Allow subdomain variations: .*@.*\.company\.com$
  • Complex sender patterns: (sales|support|info)@partner\.com

Drag-and-Drop Priority

Reorder rules with simple drag-and-drop. No need to renumber priorities manually. See exactly which rule will match first.

Available Actions

Each rule specifies what happens when it matches:

ACCEPT Allow the email to proceed
REJECT Block with custom message
DEFER Temporary failure, retry later
QUARANTINE Accept but flag for review
LOG Allow but log for monitoring

Real-Time Application

Policy changes take effect immediately. No restarts, no delays. Block a threat, allow a partner, adjust rules—changes apply to the very next email.

Perfect for Emergencies

Discovered a phishing campaign targeting your users? Add a block rule in 10 seconds. It's active before the attacker can send another email.

Policy Testing

Test rules before deploying them to production:

  • Simulate emails against your policy set
  • See exactly which rule would match
  • Identify conflicts and gaps
  • Preview changes before applying

Audit Trail

Every policy change is logged with timestamp, user, and before/after state. Perfect for compliance audits and troubleshooting.

Build Your Perfect Policy Set

From simple allowlists to complex multi-condition rules, SecZim's policy engine handles it all.

Start Free Trial

No More Config Files

Forget editing Postfix configuration files and reloading services. SecZim's web interface makes policy management accessible to anyone on your team—not just email server experts.

Your rules. Your way. Instantly applied.