About the In-tray

The PhishTool In-tray is your unified report queue for all your In-tray sources. Reported emails appear in the In-tray in chronological order, with the most recent reported emails at the top.

The In-tray consists of an 'Open' and 'Closed' queue. When reported emails are 'Resolved' they are moved from the 'Open' queue to the 'Closed' queue.

In-tray Sources

There are several options for ingesting reported emails into the In-tray. These are called 'In-tray sources'. The possible In-tray source types are:

• Mailbox integrations: Integration to an already existing phish report mailbox. Supports mailboxes in Google Workspaces and Microsoft 365. Requires read-only access to the mailbox.

• Phish Report Buttons (PRBs): A Phish Report Button deployed to Microsoft Outlook clients. A button for end-users to report potential phishing emails directly to the In-tray from their Microsoft Outlook client. The PRB works with Microsoft 365, Exchange on-premises and hybrid environments with Microsoft Outlook for iOS and Android, Microsoft Outlook desktop and Microsoft Outlook on the Web.

• API Submissions: Create custom integrations to submit emails to the In-tray with an API key.

Each In-tray source is configured with a unique name, defined by you. Multiple In-tray sources can be created, and multiple instances of each source type can be created.

In-tray Open and Closed tables can be filtered by In-tray source name. Filtering by In-tray source name lists only emails reported to the In-tray via the filtered In-tray source.