What "authorized" actually means
Marking a sender as authorized is a note-to-self — it tells Sendvery that you've recognised the source and intend mail from it, so we should stop highlighting it in your alerts and dashboards. It does not change your DNS, your SPF record, your DKIM keys, or anything visible to receivers. Authorization is an internal label that helps the next person looking at your inventory understand what's expected vs. what's surprising.
Mark as revoked is the inverse signal: it flags a source you've decided is illegitimate. We don't block anything either — revocation is again an internal label — but a revoked sender becomes a permanent red flag the next time it shows up, so spoofers don't slowly drift back into the "we'll just ignore that one" pile. If you want receivers to actually drop spoofed mail, that's what your DMARC policy does (move from p=none to p=quarantine or p=reject in the DNS health page).
How Sendvery picks the recommendation
Sendvery looks at the last 30 days of activity for each sender and emits one of three nudges. The thresholds are chosen so a legitimate marketing IP that's been sending real mail for a week clears the authorize bar, while a spoofer producing failing mail crosses the revoke bar before they drown out the genuine traffic.
- Recommend authorize: at least 50 messages in the last 30 days with a DKIM pass rate of 90% or higher, and we can identify the organisation (so the suggestion is concrete: "Mailchimp has sent X messages"). The recommendation never fires for unknown IPs — we will not pre-stamp "looks fine" for a source we can't name.
- Recommend revoke: at least 20 messages in the last 30 days with a DKIM pass rate below 50%, and the source is unknown. A known organisation with a low pass rate is more likely misconfigured than malicious — revocation isn't the right tool for that and we don't suggest it.
- Monitor: enough activity to be worth surfacing but the volume or pass rate sits between the two thresholds — not yet enough signal to commit to a recommendation. We'll re-evaluate as more data arrives.
You're never forced to follow a recommendation. If a sender looks wrong to you, mark it as revoked even if we said "authorize". The advisor exists to surface the senders worth your attention, not to make the decision for you.