The Impersonation Protection for Internal Senders feature on the Settings page protects your email domain from impersonation (internal impersonation is if your email domain is, for example, "example.com" and an attacker sends emails that appear to come from "HR@example.com").
Before enabling this feature, please ensure that your email authentication parameters (SPF, DKIM, DMARC) are set up correctly. Internal emails with incorrect authentication parameters appear suspicious to Graphus AI. They might cause the AI to quarantine legit emails from internal senders falsely or to mark them as suspicious with a banner.
Reference Articles
The following articles provide the needed information to set up your email authentication correctly: