Safety Settings
Configure tenant-wide guardrails for inbound threat classification and sending behavior.
Safety settings control how your tenant handles inbound threats, spam classification, and agent-safety guardrails. These are global settings that apply to all agents and mailboxes in your tenant.
Changes take effect immediately. Safety settings work alongside (not as a replacement for) policy engine rules.
View current settings
Via the CLI
```bash
molted safety get
```
```json
{
  "tenantId": "tenant_abc123",
  "quarantineHighInjection": true,
  "holdCriticalAnomalies": true,
  "blockCanaryViolations": true,
  "spamAction": "quarantine",
  "phishingAction": "quarantine",
  "malwareAction": "reject",
  "abuseAction": "quarantine",
  "impersonationAction": "quarantine",
  "spamThreshold": 0.5,
  "maxLinksThreshold": 5,
  "blockNoAuth": false,
  "blockedKeywords": [],
  "allowedSenders": [],
  "spamActionLowConfidence": "deliver"
}
```
Via the API
GET https://api.molted.email/v1/agent/config/safety-settings
Requires Bearer authentication.
```bash
# Quote the URL so the shell does not treat "?" as a glob character.
curl "https://api.molted.email/v1/agent/config/safety-settings?tenantId=TENANT_ID" \
  -H "Authorization: Bearer YOUR_API_KEY"
```
Update settings
Updates are partial -- only fields you include are changed. Unspecified fields keep their current values.
Via the CLI
```bash
molted safety update --settings '{
  "spamAction": "reject",
  "spamThreshold": 0.7,
  "blockedKeywords": ["unsubscribe me", "remove me"]
}'
```
| Flag | Type | Required | Description |
|---|---|---|---|
| --settings | json | Yes | Safety settings as a JSON string. |
Via the API
PUT https://api.molted.email/v1/agent/config/safety-settings
Requires Bearer authentication.
```bash
# Quote the URL so the shell does not treat "?" as a glob character.
curl -X PUT "https://api.molted.email/v1/agent/config/safety-settings?tenantId=TENANT_ID" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "spamAction": "reject",
    "spamThreshold": 0.7,
    "blockedKeywords": ["unsubscribe me", "remove me"]
  }'
```
Settings reference
Threat response actions
These control what happens when a threat is detected. Valid values: "deliver", "quarantine", "reject".
| Field | Type | Default | Description |
|---|---|---|---|
| spamAction | string | "quarantine" | Action for detected spam. |
| phishingAction | string | "quarantine" | Action for detected phishing. |
| malwareAction | string | "reject" | Action for detected malware. |
| abuseAction | string | "quarantine" | Action for abuse or harassment. |
| impersonationAction | string | "quarantine" | Action for impersonation attempts. |
| spamActionLowConfidence | string | "deliver" | Action when spam confidence is below the threshold. |
Action meanings:
- deliver -- the message is delivered to the mailbox normally.
- quarantine -- the message is held in the approval queue for human review.
- reject -- the message is silently dropped and not delivered.
Classification thresholds
| Field | Type | Default | Range | Description |
|---|---|---|---|---|
| spamThreshold | number | 0.5 | 0.1 - 1.0 | Spam score cutoff. Lower values are more aggressive. |
| maxLinksThreshold | number | 5 | 1 - 100 | Maximum links per message before flagging as suspicious. |
Guardrail flags
Boolean flags that enable or disable specific safety guardrails.
| Field | Type | Default | Description |
|---|---|---|---|
| quarantineHighInjection | boolean | true | Quarantine messages with high prompt-injection risk. |
| holdCriticalAnomalies | boolean | true | Hold messages flagged as critical anomalies for review. |
| blockCanaryViolations | boolean | true | Block messages that trip canary tokens. |
| blockNoAuth | boolean | false | Apply a heavy spam penalty (+0.5) to messages failing all auth checks (SPF, DKIM, DMARC). |
Allow/deny lists
| Field | Type | Default | Max entries | Description |
|---|---|---|---|---|
| blockedKeywords | string[] | [] | 100 | Keywords that trigger quarantine. Matched case-insensitively against subject and body. |
| allowedSenders | string[] | [] | 100 | Email addresses or domains that bypass safety classification entirely. |
Examples
Lock down a high-security mailbox
Block unauthenticated email, reject malware and phishing, quarantine everything else:
```bash
molted safety update --settings '{
  "malwareAction": "reject",
  "phishingAction": "reject",
  "spamAction": "quarantine",
  "blockNoAuth": true,
  "quarantineHighInjection": true,
  "spamThreshold": 0.3
}'
```
Relax settings for a trusted environment
When your mailbox only receives email from known partners:
```bash
molted safety update --settings '{
  "spamAction": "deliver",
  "spamActionLowConfidence": "deliver",
  "spamThreshold": 0.9,
  "allowedSenders": ["partner.com", "ops@internal.co"]
}'
```
Add keyword blocklist
Block messages containing specific phrases:
```bash
molted safety update --settings '{
  "blockedKeywords": ["crypto opportunity", "wire transfer", "urgent action required"]
}'
```
Note that blockedKeywords replaces the entire list on each update. Include all keywords you want active, not just new additions.
Errors
| Error | Cause | Fix |
|---|---|---|
| 400 Bad Request | Invalid action value or threshold out of range. | Use "deliver", "quarantine", or "reject" for actions. Keep spamThreshold between 0.1 and 1.0, maxLinksThreshold between 1 and 100. |
| 400 Bad Request | Too many entries in blockedKeywords or allowedSenders. | Each list supports a maximum of 100 entries. |
| 401 Unauthorized | Missing or invalid API key. | Run molted auth init to authenticate. |
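A pre-flight check for an update payload, covering the 400 causes in the table above and the blockedKeywords replace-on-update note. This is an added example, not Molted's own code: the function names are hypothetical, and rejecting unknown fields or wrong types locally is an assumption about what you want to catch before sending.

```python
ACTIONS = {"deliver", "quarantine", "reject"}
ACTION_FIELDS = {
    "spamAction", "phishingAction", "malwareAction", "abuseAction",
    "impersonationAction", "spamActionLowConfidence",
}
BOOL_FIELDS = {"quarantineHighInjection", "holdCriticalAnomalies",
               "blockCanaryViolations", "blockNoAuth"}
RANGES = {"spamThreshold": (0.1, 1.0), "maxLinksThreshold": (1, 100)}
LIST_FIELDS = {"blockedKeywords", "allowedSenders"}
MAX_ENTRIES = 100  # per-list limit from the settings reference


def validate_update(update):
    """Return a list of problems found in a partial settings update."""
    problems = []
    for field, value in update.items():
        if field in ACTION_FIELDS:
            if not isinstance(value, str) or value not in ACTIONS:
                problems.append(f"{field}: invalid action {value!r}")
        elif field in RANGES:
            lo, hi = RANGES[field]
            is_num = isinstance(value, (int, float)) and not isinstance(value, bool)
            if not is_num or not lo <= value <= hi:
                problems.append(f"{field}: must be a number in {lo}-{hi}")
        elif field in LIST_FIELDS:
            if not isinstance(value, list) or not all(isinstance(v, str) for v in value):
                problems.append(f"{field}: must be a list of strings")
            elif len(value) > MAX_ENTRIES:
                problems.append(f"{field}: {len(value)} entries, max is {MAX_ENTRIES}")
        elif field in BOOL_FIELDS:
            if not isinstance(value, bool):
                problems.append(f"{field}: must be true or false")
        else:
            problems.append(f"{field}: unknown field")  # local assumption
    return problems


def merge_keywords(current, additions):
    """Build the full blockedKeywords list to send: the field is replaced
    wholesale, so existing entries are carried over. Matching is
    case-insensitive, so duplicates are dropped the same way."""
    merged, seen = [], set()
    for kw in list(current.get("blockedKeywords", [])) + list(additions):
        key = kw.strip().casefold()
        if key and key not in seen:
            seen.add(key)
            merged.append(kw.strip())
    return {"blockedKeywords": merged}
```

Pass the output of `molted safety get` as `current`, then run `validate_update` on the merged payload before handing it to `molted safety update`.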
Related
- Inbound Email -- safety classification verdicts and spam queue management
- Approval Queues -- review quarantined messages
- Autonomy Levels -- per-mailbox outbound approval controls
- Policy Simulation -- test policy engine rules before sending