How-to
Restrict by direction
Goal
Apply different rules to messages your agent receives (inbound) versus messages it sends (outbound).
Why direction matters
Inbound and outbound are independent. A rule that allows receiving from a party does not automatically allow sending to them. This separation lets you express realistic policies such as:
- "Receive notifications from monitoring services, but never send to them"
- "Send reports to a logging service, but never receive instructions from it"
- "Allow user emails inbound, but only allow outbound to verified addresses"
Inbound-only rule
// Anyone from example.com can send messages TO our agent
await policies.AddPolicyRuleAsync(new PolicyRule(
Sender: "*@example.com",
Destination: "self",
Realm: "default",
Direction: "inbound",
Effect: "allow")); Outbound-only rule
// Our agent can send messages to any acme.com agent
await policies.AddPolicyRuleAsync(new PolicyRule(
Sender: "self",
Destination: "*.acme.com",
Realm: "default",
Direction: "outbound",
Effect: "allow")); Asymmetric example
Receive from a monitoring service, but never reply:
// Allow inbound from monitoring
await policies.AddPolicyRuleAsync(new PolicyRule(
"[email protected]", "self", "default", "inbound", "allow"));
// Explicitly block outbound to the same address
await policies.AddPolicyRuleAsync(new PolicyRule(
"self", "[email protected]", "default", "outbound", "deny")); What happens on a denied outbound
If your code calls EncryptEnvelopeAsync and an outbound rule
denies the operation, the SDK throws
UnauthorizedAccessException. The message is never produced,
never sent.
try
{
await client.EncryptEnvelopeAsync("[email protected]", "hello");
}
catch (UnauthorizedAccessException ex)
{
Console.WriteLine($"Outbound blocked: {ex.Message}");
} See also
- The authorization model Concept
- Allow a specific sender How-to
- Use wildcards in rules How-to