From 18fe518880ad7c28a1edcd986b0ab2b9be331269 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Mon, 27 Jan 2025 09:01:28 +0100
Subject: [PATCH 1/6] fix(tem): blocklist
---
faq/transactional-email.mdx | 18 +-
.../iam/reference-content/permission-sets.mdx | 132 ++++++++++++
.../transactional-email/concepts.mdx | 195 ++++++++++++++++++
menu/navigation.json | 4 +
.../how-to/create-webhooks.mdx | 2 +
.../how-to/manage-blocklists.mdx | 63 ++++++
6 files changed, 408 insertions(+), 6 deletions(-)
create mode 100644 identity-and-access-management/iam/reference-content/permission-sets.mdx
create mode 100644 managed-services/transactional-email/concepts.mdx
create mode 100644 pages/transactional-email/how-to/manage-blocklists.mdx
diff --git a/faq/transactional-email.mdx b/faq/transactional-email.mdx
index f35b30d8dc..8e92120975 100644
--- a/faq/transactional-email.mdx
+++ b/faq/transactional-email.mdx
@@ -25,7 +25,7 @@ Scaleway's Transactional Email platform is dedicated to sending transactional em
## How can I configure DNS records to send emails?
-You need to [add SPF and DKIM records](/transactional-email/how-to/add-spf-dkim-records-to-your-domain/) to be able to send emails. Find out [how to set up your DNS records for other DNS providers](/tutorials/set-up-spf-dkim-for-dns-providers/).
+You need to [add SPF and DKIM records](/managed-services/transactional-email/how-to/add-spf-dkim-records-to-your-domain/) to be able to send emails. Find out [how to set up your DNS records for other DNS providers](/tutorials/set-up-spf-dkim-for-dns-providers/).
## How do I know if my domain is valid for sending emails?
@@ -33,22 +33,28 @@ After configuring your SPF and DKIM records, you must launch a verification of t
## Do I have to set up an MX record for better email deliverability?
-Setting up an [MX record](/transactional-email/concepts#mx-record) is highly recommended to ensure your email deliverability. Find out [how to add an MX record to your domain](/transactional-email/how-to/add-mx-record-to-your-domain/#how-to-add-your-own-mx-record). You can also [use Scaleway's blackhole MX](/transactional-email/how-to/add-mx-record-to-your-domain/#how-to-add-scaleways-mx-record) if you do not have your own MX.
+Setting up an [MX record](/managed-services/transactional-email/concepts#mx-record) is highly recommended to ensure your email deliverability. Find out [how to add an MX record to your domain](/managed-services/transactional-email/how-to/add-mx-record-to-your-domain/#how-to-add-your-own-mx-record). You can also [use Scaleway's blackhole MX](/managed-services/transactional-email/how-to/add-mx-record-to-your-domain/#how-to-add-scaleways-mx-record) if you do not have your own MX.
## What happens to automatically configured DNS records when I delete a domain in the Transactional Email service?
-When a domain is removed from Scalway's Transactional Email platform, [autoconfigured DNS records](/transactional-email/how-to/autoconfigure-domain/) are not automatically deleted in the Domains & DNS section. If you no longer use the domain for sending emails, you must manually delete or modify these records. It is recommended to verify the associated DNS records to ensure they are correctly configured or removed.
+When a domain is removed from Scalway's Transactional Email platform, [autoconfigured DNS records](/managed-services/transactional-email/how-to/autoconfigure-domain/) are not automatically deleted in the Domains & DNS section. If you no longer use the domain for sending emails, you must manually delete or modify these records. It is recommended to verify the associated DNS records to ensure they are correctly configured or removed.
## What is the impact on the Transactional Email service if a DNS zone is deleted in Scaleway Domains & DNS?
-If a DNS zone is deleted while [autoconfig is enabled](/transactional-email/how-to/autoconfigure-domain/), the DNS records will be added to the parent zone. This ensures that the domain remains validated on the Transactional Email platform, allowing continued use of the service without interruption.
+If a DNS zone is deleted while [autoconfig is enabled](/managed-services/transactional-email/how-to/autoconfigure-domain/), the DNS records will be added to the parent zone. This ensures that the domain remains validated on the Transactional Email platform, allowing continued use of the service without interruption.
## What are the limitations and restrictions when using Transactional Email?
-Find out about [limits and quotas](/transactional-email/reference-content/tem-capabilities-and-limits/) available for Transactional Email. If you want to increase your quota beyond the values shown on this page, [contact our support team](https://console.scaleway.com/support/create).
+Find out about [limits and quotas](/managed-services/transactional-email/reference-content/tem-capabilities-and-limits/) available for Transactional Email. If you want to increase your quota beyond the values shown on this page, [contact our support team](https://console.scaleway.com/support/create).
## How is Scaleway's Transactional Email service billed?
At the end of the month, you are billed for the number of emails you sent.
If the number of emails you have sent exceeds the number of emails included in your offer, you will be billed for the excess emails. For example, if you use the free tier of 300 emails per month, and you end up sending 305 emails, you will only be billed for five emails out of the 305 you have sent.
-Check out our [dedicated page](https://www.scaleway.com/en/pricing/?tags=managedservices-transactionalemail-transactionalemail) for more information about Transactional Email's pricing.
\ No newline at end of file
+Check out our [dedicated page](https://www.scaleway.com/en/pricing/?tags=managedservices-transactionalemail-transactionalemail) for more information about Transactional Email's pricing.
+
+## Can I unblock an address that was automatically added to a TEM blocklist before the 48-hour period ends?
+Yes, you can manually unblock any address, even if it is still under the temporary block period.
+
+## What happens if an address on a TEM blocklist becomes valid again?
+You can manually unblock the address. Make sure you confirm that the initial cause of the bounce was resolved before doing so to avoid further issues.
diff --git a/identity-and-access-management/iam/reference-content/permission-sets.mdx b/identity-and-access-management/iam/reference-content/permission-sets.mdx
new file mode 100644
index 0000000000..001794e948
--- /dev/null
+++ b/identity-and-access-management/iam/reference-content/permission-sets.mdx
@@ -0,0 +1,132 @@
+---
+meta:
+ title: Permission sets
+ description: Explore how to define and manage permission sets for user access control.
+content:
+ h1: Permission sets
+ paragraph: Explore how to define and manage permission sets for user access control.
+dates:
+ validation: 2024-10-23
+---
+
+Permissions sets and their scope make up [IAM rules](/identity-and-access-management/iam/concepts/#rule), which define the access rights that a principal (user, group or application) should have. They consist of sets of one or multiple [permissions](/identity-and-access-management/iam/concepts/#permission).
+
+Permission set names contain descriptions that clearly explain their purpose. For example, a permission set that grants access to all actions you can perform on Instances is called: `InstancesFullAccess`.
+
+Below is a list of the permission sets available at Scaleway.
+
+## Scoped by Organization
+
+| Permission set | Description |
+:----------------------------------------------------------------------------------------------------------------------------------------------------------: | :--------------------------------------------------------------------------------------------------------------------------------------------------: |
+| ProjectManager | Full access to Project management. This means access to create, rename, list and delete projects. It does not include access to Project resources |
+| ProjectReadOnly | Read access to Project management. Does not include access to Project resources |
+| IAMReadOnly | Read access to IAM. This means list and read access to users, groups, applications, policies, and API keys |
+| IAMManager | Full access to IAM. This means access to all possible actions for users, groups, applications, policies and API keys) and all ProjectManager permissions |
+| BillingReadOnly | List and read access to billing information |
+| BillingManager | Full access to billing management. This means access to list, read and edit billing contact information, payment information, billing alerts and invoices |
+| OrganizationManager | Full access to Organization management. This means access to all possible actions for Projects, IAM, billing and support/abuse tickets. Does not include access to list and create resources |
+| OrganizationReadOnly | Read access to the Organization's general information (e.g. Organization ID and quotas) |
+| SupportTicketManager | Full access to support tickets. This means access to create, read and update support tickets in the Organization |
+| SupportTicketReadOnly | List and read access to support tickets |
+| AbuseTicketManager | Full access to abuse tickets. This means access to create, read and update abuse tickets in the Organization |
+| AuditTrailReadOnly | List and read access to Audit Trail events |
+
+
+
+ Any user or application benefitting from the `IAMManager` and/or `OrganizationManager` permission sets is able to create policies giving themselves access to any other actions and resources within the Organization.
+
+
+## Scoped by Project
+
+| Permission set | Description |
+| :--------------------------: | :-----------------------------------------------------------------------------------: |
+| AllProductsFullAccess | Full access to create, read, list, edit and delete all resources (products) |
+| AllProductsReadOnly | Read access to list and read info for all resources (products) |
+| SSHKeysReadOnly | Read access to SSH keys |
+| SSHKeysFullAccess | Full access to SSH keys |
+| AppleSiliconReadOnly | List and read access to Apple Silicon |
+| AppleSiliconFullAccess | Full access to create, read, list, edit and delete Apple Silicon. |
+| ElasticMetalReadOnly | List and read access to Elastic Metal |
+| ElasticMetalFullAccess | Full access to create, read, list, edit and delete Elastic Metal |
+| InstancesFullAccess | Full access to create, read, list, edit and delete Instances |
+| InstancesReadOnly | List and read access to Instances |
+| KubernetesReadOnly | List and read access to Kubernetes |
+| KubernetesFullAccess | Full access to create, read, list, edit and delete Kubernetes |
+| KubernetesExternalNodeRegister | Attach external nodes to a Kosmos cluster |
+| KubernetesSystemMastersGroupAccess | Gives the Kubernetes system:masters role to perform any action on the cluster |
+| DediboxReadOnly | List and read access to Dedibox |
+| DediboxFullAccess | Full access to create, read, list, edit and delete Dedibox |
+| ContainersReadOnly | List and read access to Containers |
+| ContainersFullAccess | Full access to create, read, list, edit and delete to Containers |
+| FunctionsReadOnly | List and read access to Functions |
+| FunctionsFullAccess | Full access to create, read, list, edit and delete Functions |
+| MessagingAndQueuingReadOnly | List and read access to Messaging |
+| MessagingAndQueuingFullAccess | Full access to create, read, list, edit and delete Messaging |
+| ServerlessJobsFullAccess | Full access to create, read, list, edit and delete job definition/run |
+| ServerlessJobsReadOnly | List and read access to job definition/run |
+| ServerlessSQLDatabaseReadOnly| List and read access to Serverless SQL Database |
+| ServerlessSQLDatabaseReadWrite| List, read and write access to Serverless SQL Database. Includes data and table structure edition. Does not include permissions to create databases or edit settings |
+| ServerlessSQLDatabaseFullAccess| Full access to create, read, list, edit and delete Serverless SQL Database |
+| RelationalDatabasesReadOnly | List and read access to Managed Database for PostgreSQL and MySQL |
+| RelationalDatabasesFullAccess| Full access to create, read, list, edit and delete Managed Database for PostgreSQL and MySQL |
+| ObjectStorageReadOnly | List and read access to Object Storage |
+| ObjectStorageFullAccess | Full access to create, read, list, edit and delete Object Storage |
+| ObjectStorageObjectsRead | Read access to objects, tags, metadata, and storage class |
+| ObjectStorageBucketsRead | Read access to buckets and bucket configuration including lifecycle rules |
+| ObjectStorageObjectsWrite | Access to create and edit objects, tags, metadata, and storage class |
+| ObjectStorageObjectsDelete | Access to delete objects |
+| ObjectStorageBucketsWrite | Access to create and edit buckets, bucket configuration including lifecycle rules |
+| ObjectStorageBucketsDelete | Access to delete buckets |
+| RedisReadOnly | List and read access to Managed Database for Redis™ |
+| RedisFullAccess | Full access to create, read, list, edit and delete Managed Database for Redis™ |
+| PrivateNetworksFullAccess | Full access to create, read, list, edit and delete Private Networks |
+| VPCGatewayReadOnly | List and read access to Public Gateways |
+| VPCGatewayFullAccess | Full access to create, read, list, edit and delete Public Gateways |
+| VPCFullAccess | Full access to VPC |
+| VPCReadOnly | Read access to VPC |
+| AutoscalingFullAccess | Full access to autoscaling |
+| AutoscalingReadOnly | Read access to autoscaling |
+| EdgeServicesFullAccess | Full access to Edge Services |
+| EdgeServicesReadOnly | Read access to Edge Services |
+| IPAMFullAccess | Full access to IPAM |
+| IPAMReadOnly | Read access to IPAM |
+| LoadBalancersReadOnly | List and read access to Load Balancer |
+| LoadBalancersFullAccess | Full access to create, read, list, edit and delete Load Balancer |
+| DomainsDNSReadOnly | List and read access to Domains and DNS |
+| DomainsDNSFullAccess | Full access to create, read, list, edit and delete Domains and DNS |
+| ContainerRegistryReadOnly | List and read access to Container Registry |
+| ContainerRegistryFullAccess | Full access to create, read, list, edit and delete Container Registry |
+| IoTReadOnly | List and read access to IoT Hub |
+| IoTFullAccess | Full access to create, read, list, edit and delete IoT Hub |
+| ObservabilityReadOnly | List and read access to Observability |
+| ObservabilityFullAccess | Full access to create, read, list, edit and delete Observability |
+| TransactionalEmailReadOnly | List and read access to Transactional Email |
+| TransactionalEmailFullAccess | Full access to create, read, list, edit and delete Transactional Email |
+| TransactionalEmailBlocklistFullAccess | Full access to blocklists in transactional email. |
+| TransactionalEmailBlocklistReadOnly | Read access to blocklists in transactional email. |
+| TransactionalEmailBlocklistFullAccess | Full access to blocklists in transactional email. |
+| TransactionalEmailBlocklistReadOnly | Read access to blocklists in transactional email. |
+| TransactionalEmailDomainReadOnly | Read access to domains in Transactional Email. Does not include permissions for e-mails |
+| TransactionalEmailDomainFullAccess | Full access to domains in Transactional Email. Does not include permissions for e-mails |
+| TransactionalEmailEmailReadOnly | Read access to e-mails in Transactional Email. Does not include permissions for domain configuration |
+| TransactionalEmailEmailFullAccess | Full access to e-mails in Transactional Email. Does not include permissions for domain configuration |
+| TransactionalEmailWebhookFullAccess | Full access to Webhooks in Transactional Email |
+| TransactionalEmailWebhookReadOnly | Read access to Webhooks in Transactional Email |
+| TransactionalEmailProjectSettingsFullAccess | Full access to Project settings in Transactional Email |
+| TransactionalEmailProjectSettingsReadOnly | Read access to Project settings in Transactional Email |
+| WebHostingReadOnly | List and read access to Web Hosting |
+| WebHostingFullAccess | Full access to create, read, list, edit and delete Web Hosting |
+| SecretManagerReadOnly | List and read secrets' metadata (name, tags, creation date, etc.). Does not include permissions for data (versions) accessing or editing |
+| SecretManagerFullAccess | Full access to create, read, list, edit, access, and delete secrets and their versions in Secret Manager |
+| SecretManagerSecretAccess | Read access to versions' data in Secret Manager. Does not include permissions for data editing |
+| SecretManagerSecretCreate | Permission to create secrets and their versions in Secret Manager. Does not include permission to update secrets and versions |
+| SecretManagerSecretDelete | Permission to delete secrets and their versions in Secret Manager |
+| SecretManagerSecretWrite | Permission to edit the metadata (name, tags, description, etc.) of secrets and their versions in Secret Manager. Does not include permission to create secrets and versions |
+| BlockStorageReadOnly | List and read access to Block Storage |
+| BlockStorageFullAccess | Full access to create, read, list, edit and delete in Block Storage |
+
+
+
+ Some additional permission sets may appear on your Scaleway console if you are enrolled in beta testing for products or features.
+
diff --git a/managed-services/transactional-email/concepts.mdx b/managed-services/transactional-email/concepts.mdx
new file mode 100644
index 0000000000..c54bb60d05
--- /dev/null
+++ b/managed-services/transactional-email/concepts.mdx
@@ -0,0 +1,195 @@
+---
+meta:
+ title: Transactional Email - Concepts
+ description: Learn the fundamental concepts of Scaleway Transactional Email.
+content:
+ h1: Transactional Email - Concepts
+ paragraph: Learn the fundamental concepts of Scaleway Transactional Email.
+tags: managed-services deliverability dkim dns-propagation mx-record send-api smtp transactional spf
+dates:
+ validation: 2024-11-04
+categories:
+ - managed-services
+---
+
+## Aggregate report
+
+An aggregate report (`rua`) is a periodic summary that provides data about a domain's email authentication activity. It includes information such as the volume of emails received, the percentage of emails that pass or fail DMARC checks, and the sources of failed authentication.
+
+## Blocklist
+
+Blocklist allows your to manage email addresses that generate errors, or “bounces”. You can block them improve the quality of your email deliveries, maintain your domain's reputation score, and reduce the risk of having your domains blocked by ISPs.
+
+## Deliverability
+
+Deliverability is the ability for an email to arrive in a recipient’s email inbox.
+
+## DKIM record
+
+A Domain Keys Identified Mail (DKIM) record is an email security standard. It provides you with an encryption key and a digital signature that allows you to verify whether an email was altered.
+
+## DMARC record
+
+DMARC stands for **D**omain-bassed **M**essage **A**uthentication **R**eporting and **C**onformance. It is an email authentication protocol that helps prevent email spoofing and phishing attacks by verifying that the sender's domain is legitimate.
+DMARC builds upon two other email authentication protocols: [SPF](#spf-record) and [DKIM](#dkim-record). It allows domain owners to publish policies in their Domain Name System (DNS) records specifying how emails sent from their domain should be handled if they fail authentication checks.
+
+## DNS propagation
+
+DNS propagation is the time a DNS change takes to be updated across the internet.
+
+## Email Webhook
+
+An email webhook is a mechanism that allows an application to send real-time notifications to another application when a specific email-related event occurs. When certain predefined events happen, a notification (webhook) is sent to a URL specified by the user. This allows the receiving application to immediately react to events such as email delivery, a bounce, or being marked as spam.
+
+## Flags
+
+Scaleway uses flags to provide you with more information about your emails. Flags can let you know whether an email you have sent is considered a spam, for example.
+There are seven types of flags:
+
+- **Greylisted**: This means that your email has been slightly delayed by the recipient, to ensure that Scaleway is not sending spam.
+- **Hard bounce**: This means that a critical error occurred while sending the email. Find out more about [hard bounces](#hard-bounce).
+- **Mailbox full**: This means that your email was not able to reach the recipient's mailbox, because it is full.
+- **Mailbox not found**: This means that your email was not able to reach the recipient's mailbox, because it does not exist.
+- **Send before expiration**: This indicates that you have requested to send your email before a specific date (defined by you), and that your email expires after that date. This is useful if you are sending an email containing a password renewal link, for example.
+- **Soft bounce**: This means that a non-critical error occurred while sending your email. Soft bounced emails are retried. Find out more about [soft bounces](#soft-bounce).
+- **Spam**: This means that your email has been considered spam.
+
+## Forensic report
+
+A forensic report or failure report (`ruf`), is a detailed record of an email message that has failed DMARC authentication. It includes the complete headers and body of the failed emails, details of the authentication checks performed, and any errors encountered.
+
+## Hard bounce
+
+Hard bounce occurs when an email is sent to an invalid email address or an address that does not exist. Unlike [soft bounce](#soft-bounce), which is a temporary error, hard bounce is a permanent error.
+
+In this case, most emailing solutions will blacklist these email addresses.
+
+## IP warming
+
+IP warming is the process of gradually increasing the volume of emails sent through a new IP or an API that has not been used in a while.
+
+The process of warming up an IP address consists of gradually sending emails from it, starting with small volumes and increasing the volume over a period of days weeks or months, according to a set schedule.
+
+Internet service providers are wary of emails sent from new IP addresses with no reputation, so warming up an IP allows for better email deliverability and thus, better reputation.
+
+## IP reputation
+
+IP reputation measures the trustworthiness of an IP address and the amount of unwanted requests it sends. An IP address that sends authentic, spam-free emails, earns a good IP reputation. An IP address that sends high amounts of spam or viruses earns a bad IP reputation. IP reputation allows you to reject requests that are coming from an IP address with a bad reputation.
+
+## MX record
+
+A mail exchanger (MX) record is a DNS record that is required to deliver emails to your address. An MX record indicates which mail servers accept incoming emails for your domain and where emails sent to your domain should be routed to.
+
+Scaleway provides its **own MX server** to improve email deliverability.
+However, Scaleway’s MX server is a **blackhole**. This means that **any email sent back to it, will be lost with no possibility of recovery**. If you have no MX server, we recommend you use Scaleway’s blackhole MX to avoid getting your emails rejected.
+
+## Preheader
+
+A preheader is the summary text that appears after the subject line when viewing an email in your mailbox.
+
+## Pristine spam trap
+
+Pristine spam traps are email addresses created by Internet Service Providers (ISPs) and other entities, such as blacklist organizations, email providers or security companies, to monitor and track spam activity. As these addresses have never actually been used, they lack any history or reputation, making them ideal for generating spam reports.
+
+Scaleway provides its own MX server to improve email deliverability. However, Scaleway's MX server is a **blackhole**. This means that **any email sent back to it, will be lost with no possibility of recovery**. If you have no MX server, we recommend you use Scaleway's blackhole MX to avoid getting your emails rejected.
+
+## Priority
+
+Each MX record has a priority, or a number to designate the order in which your domain's incoming mail servers receive your emails. The MX record with the lowest number is the first, or primary mail server to which outgoing mail servers attempt to deliver your emails.
+
+## RBLs
+
+Realtime Blackhole Lists are directories containing lists of IP addresses, domain names, and mail servers known to actively host, produce, send and/or forward spam or spam sources. Your emails will automatically be considered spam if you send them from an IP address, a domain name, or a mail server known to RBLs.
+
+## Recycled spam trap
+
+Recycled spam traps are old domain registrations or email addresses that were once valid, but are no longer used by a company or an individual.
+
+
+ Repeatedly sending emails to these addresses will gradually harm your sending reputation. Make sure you clean your contact list often and that there are no spelling mistakes in the email addresses you are sending emails to.
+
+
+## Reputation score
+
+A domain's **reputation score** is similar to a grade that email providers give to your domain's online reputation. The reputation score helps them decide whether the emails sent from your domain are trustworthy and should be delivered to your recipient's mailbox, or if your emails should be blocked, classified as spam and rejected. Email providers calculate your domain reputation on a scale of 0 to 100.
+
+The **closer to 100** your reputation score is, the more receiving email servers will trust your emails. A **high** domain reputation score means **better chances of your emails reaching the intended recipients' mailboxes**, while a **low** score might lead to **emails being marked as spam or rejected**.
+
+
+A domain's reputation score is determined by email providers and Internet Service Providers (ISPs), which means you have a different domain reputation for each email service provider.
+
+
+## Send API
+
+A send API is the main API that is used to send transactional emails to recipients.
+
+## SMTP relay
+
+An SMTP relay is a service or server that helps in the transmission of email messages from one email server to another. They act as a bridge between the sender's mail server and the recipient's mail server.
+SMTP relays are designed to handle large volumes of emails, ensuring that emails reach the recipient's server more efficiently and reliably, without being flagged as spam.
+
+## Soft bounce
+
+Soft bounce occurs when your email has been sent to a valid email address, and has reached the recipient's mail server but your email could not be delivered for multiple reasons:
+
+- The recipient's mailbox has exceeded its storage limit
+- The recipient's mail server is down
+- The message was too large for the recipient's mailbox
+
+When a soft bounce occurs, the email software will try to resend the email for 72 hours (maximum) until the message is finally delivered.
+
+## Spam trap
+
+Spam traps are email addresses that Internet Service Providers (ISPs) and blocklist operators use to detect and blacklist spammers and senders who fail to adhere to email best practices. These email addresses may look like legitimate email addresses, but they are not operated by real users.
+There are two types or spam traps:
+- [pristine spam traps](#pristine-spam-trap) and
+- [recycled spam traps](#recycled-spam-trap).
+
+Any contact that has not engaged by **opening** or **clicking a link sent within an email** from you in the past year might be a spam trap.
+
+
+ Make sure you regularly clean up your contact lists to avoid spam traps.
+
+
+## SPF record
+
+An SPF record specifies the mail servers that are allowed to send email for your domain. It allows you to protect senders and recipients from spam and phishing attacks. SPF also prevents spammers from sending emails on behalf of your domain.
+
+## Transactional Email
+
+Transactional Email is a platform that allows you to send transactional emails. Unlike marketing emails (which are mass distributions of the same marketing message to multiple recipients), transactional emails are personalized emails sent to individuals in response to events they have triggered (e.g. password recovery, billing information, delivery updates, etc).
+
+## Webhook Event Type
+
+The Webhook event type defines the type of event that triggered the webhook.
+
+These are the different event types:
+
+- `unknown_type`: The event type is unknown by default. This type is used when the event type has not been specified.
+- `email_queued`: The email was received and is being prepared to be sent to the destination servers. This event indicates that the email sending process has started.
+- `email_dropped`: The email was sent but was definitively rejected by the destination server, or hard-bounced. This can occur due to incorrect or non-existent email addresses.
+- `email_deferred`: The email was sent but was temporarily rejected by the destination server, or soft-bounced. In this case, the sending of the email will be automatically retried. This event type can occur when the destination server is temporarily unavailable.
+- `email_delivered`: The email was successfully sent and accepted by the destination server. This event confirms that the email has reached the recipient's inbox.
+- `email_spam`: The email was identified as spam by Scaleway or the destination server. This event indicates that the email was classified as spam, either by an automated filter or by the recipient.
+- `email_mailbox_not_found`: The email was definitively rejected with a "mailbox not found" error. This indicates that the recipient's email address does not exist or is no longer active.
+- `email_blocklisted` - An email was blocked by an active blocklist.
+- `blocklist_created` - A blocklist is created for an email address. Any new emails sent by the address will be blocked.
+
+
+ Refer to the [Transactional Email API documentation](https://www.scaleway.com/en/developers/api/transactional-email/) for more information about event types.
+
+
+## Webhook Event Status
+
+The Webhook event status indicates the status of the webhook delivery.
+
+These are the different event statuses:
+
+- `unknown_status`: The status of the event is unknown by default. This status is used when the event status has not been specified.
+- `sending`: The webhook event is being sent. This means that the notification is in transit to the configured URL.
+- `sent`: The webhook event was successfully sent. This status indicates that the notification was received by the configured URL.
+- `failed`: The webhook event could not be sent after multiple attempts. This status means there were repeated errors during the attempt to send the notification.
+
+
+ Refer to the [Transactional Email API documentation](https://www.scaleway.com/en/developers/api/transactional-email/) for more information about event statuses.
+
\ No newline at end of file
diff --git a/menu/navigation.json b/menu/navigation.json
index abde72a31a..f42914c263 100644
--- a/menu/navigation.json
+++ b/menu/navigation.json
@@ -2495,6 +2495,10 @@
"label": "Create and manage an email webhook",
"slug": "create-webhooks"
},
+ {
+ "label": "Manage blocklists",
+ "slug": "manage-blocklists"
+ },
{
"label": "Delete your domain",
"slug": "delete-tem-domain"
diff --git a/pages/transactional-email/how-to/create-webhooks.mdx b/pages/transactional-email/how-to/create-webhooks.mdx
index 67c759b26c..6348719232 100644
--- a/pages/transactional-email/how-to/create-webhooks.mdx
+++ b/pages/transactional-email/how-to/create-webhooks.mdx
@@ -23,6 +23,8 @@ You can set up webhooks for Scaleway Transactional Email and subscribe them to [
Currently, webhooks are integrated exclusively with the Scaleway Topics and Events. Billing for webhooks is based on the Scaleway [Topics and Events billing](https://www.scaleway.com/en/pricing/managed-databases/#messaging-and-queuing).
+
+
- A Scaleway account logged into the [console](https://console.scaleway.com)
- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization
- [Configured your domain(s) with Transactional Email](/transactional-email/how-to/configure-domain-with-transactional-email/)
diff --git a/pages/transactional-email/how-to/manage-blocklists.mdx b/pages/transactional-email/how-to/manage-blocklists.mdx
new file mode 100644
index 0000000000..1369f31599
--- /dev/null
+++ b/pages/transactional-email/how-to/manage-blocklists.mdx
@@ -0,0 +1,63 @@
+---
+meta:
+ title: How to manage Transactional Email blocklists
+ description: This page provides instructions how to improve the quality of your email deliveries and maintain your domain's reputation score with TEM blocklists.
+content:
+ h1: How to manage Transactional Email blocklists
+ paragraph: This page provides instructions how to improve the quality of your email deliveries and maintain your domain's reputation score with TEM blocklists.
+tags: blocklist reputation transactional
+dates:
+ validation: 2025-01-20
+ posted: 2025-01-20
+categories:
+ - managed-services
+---
+
+The Transactional Email blocklist feature allows your to manage email addresses that generate errors, or “bounces”. This helps you improve the quality of your email deliveries, maintain your domain's reputation score, and reduce the risk of having your domains blocked by ISPs.
+
+
+
+- A Scaleway account logged into the [console](https://console.scaleway.com)
+- [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing you to perform actions in the intended Organization
+- [Configured your domain(s) with Transactional Email](/managed-services/transactional-email/how-to/configure-domain-with-transactional-email/)
+
+## How to monitor temporary blocklists
+
+If any of your emails were bounced, you will see a temporary blocklist entry, with a duration of 48h, containing the details of the email that bounced and the reason, or flag. Some examples of bounce reasons are:
+
+ - `Mailbox not found` - when mailbox does not exist
+ - `Mailbox full` - when the mailbox is full.
+
+The temporary blocklist entry is created automatically to prevent repeated attempts to send e-mails, which could damage your reputation.
+
+To see the blocklist:
+
+1. Click **Transactional Email** in the **Managed Services** section of the [console](https://console.scaleway.com/) side menu. Your domains display.
+2. Click the domain for which you want to manage the blocklist. An overview of your domain appears.
+3. Click the **Blocklist** tab. Your blocklist displays detailing the recipient email, the flags, the date the block began and when it ends.
+
+
+ You can [create webhooks](/managed-services/transactional-email/how-to/create-webhooks) for the following blocklist events:
+ - `email_blocklisted` - An email was blocked by an active blocklist.
+ - `blocklist_created` - A blocklist is created for an email address. Any new emails sent by the address will be blocked.
+
+ By setting up a blocklist webhook, you can track changes to your blocklist in real time.
+
+
+## How to unblock an email address
+
+You can unblock any address that was added to the blocklist. This is useful in cases where:
+
+- A temporary error has been corrected. The recipient has freed up space in their mailbox, for example.
+- An address becomes valid again after an update.
+
+1. Click **Transactional Email** in the **Managed Services** section of the [console](https://console.scaleway.com/) side menu. Your domains display.
+2. Click the domain for which you want to manage the blocklist. An overview of your domain appears.
+3. Click the **Blocklist** tab. Your blocklist displays.
+4. Click **Unblock** next to the email address you wish to unblock. A pop-up appears to warn you to:
+
+
+ Make sure the issue causing the email's rejection is resolved before unblocking it to protect your reputation score and ensure optimal email deliverability.
+
+5. Type **UNBLOCK** and click **Unblock** if you wish to continue.
+ The email address is removed from your blocklist.
From e8a4573cc5ae49a9ad2872b02864a6a68f465a84 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Wed, 29 Jan 2025 08:56:40 +0100
Subject: [PATCH 2/6] fix(tem): reviews
---
faq/transactional-email.mdx | 2 +-
.../iam/reference-content/permission-sets.mdx | 132 ------------
.../transactional-email/concepts.mdx | 195 ------------------
.../iam/reference-content/permission-sets.mdx | 2 +
pages/transactional-email/concepts.mdx | 9 +-
.../how-to/manage-blocklists.mdx | 10 +-
6 files changed, 18 insertions(+), 332 deletions(-)
delete mode 100644 identity-and-access-management/iam/reference-content/permission-sets.mdx
delete mode 100644 managed-services/transactional-email/concepts.mdx
diff --git a/faq/transactional-email.mdx b/faq/transactional-email.mdx
index 8e92120975..8983b63aa9 100644
--- a/faq/transactional-email.mdx
+++ b/faq/transactional-email.mdx
@@ -54,7 +54,7 @@ If the number of emails you have sent exceeds the number of emails included in y
Check out our [dedicated page](https://www.scaleway.com/en/pricing/?tags=managedservices-transactionalemail-transactionalemail) for more information about Transactional Email's pricing.
## Can I unblock an address that was automatically added to a TEM blocklist before the 48-hour period ends?
-Yes, you can manually unblock any address, even if it is still under the temporary block period.
+Yes, you can manually unblock any address, even if it is still under the temporary block period. You can unblock up to five addresses every 24 hours.
## What happens if an address on a TEM blocklist becomes valid again?
You can manually unblock the address. Make sure you confirm that the initial cause of the bounce was resolved before doing so to avoid further issues.
diff --git a/identity-and-access-management/iam/reference-content/permission-sets.mdx b/identity-and-access-management/iam/reference-content/permission-sets.mdx
deleted file mode 100644
index 001794e948..0000000000
--- a/identity-and-access-management/iam/reference-content/permission-sets.mdx
+++ /dev/null
@@ -1,132 +0,0 @@
----
-meta:
- title: Permission sets
- description: Explore how to define and manage permission sets for user access control.
-content:
- h1: Permission sets
- paragraph: Explore how to define and manage permission sets for user access control.
-dates:
- validation: 2024-10-23
----
-
-Permissions sets and their scope make up [IAM rules](/identity-and-access-management/iam/concepts/#rule), which define the access rights that a principal (user, group or application) should have. They consist of sets of one or multiple [permissions](/identity-and-access-management/iam/concepts/#permission).
-
-Permission set names contain descriptions that clearly explain their purpose. For example, a permission set that grants access to all actions you can perform on Instances is called: `InstancesFullAccess`.
-
-Below is a list of the permission sets available at Scaleway.
-
-## Scoped by Organization
-
-| Permission set | Description |
-:----------------------------------------------------------------------------------------------------------------------------------------------------------: | :--------------------------------------------------------------------------------------------------------------------------------------------------: |
-| ProjectManager | Full access to Project management. This means access to create, rename, list and delete projects. It does not include access to Project resources |
-| ProjectReadOnly | Read access to Project management. Does not include access to Project resources |
-| IAMReadOnly | Read access to IAM. This means list and read access to users, groups, applications, policies, and API keys |
-| IAMManager | Full access to IAM. This means access to all possible actions for users, groups, applications, policies and API keys) and all ProjectManager permissions |
-| BillingReadOnly | List and read access to billing information |
-| BillingManager | Full access to billing management. This means access to list, read and edit billing contact information, payment information, billing alerts and invoices |
-| OrganizationManager | Full access to Organization management. This means access to all possible actions for Projects, IAM, billing and support/abuse tickets. Does not include access to list and create resources |
-| OrganizationReadOnly | Read access to the Organization's general information (e.g. Organization ID and quotas) |
-| SupportTicketManager | Full access to support tickets. This means access to create, read and update support tickets in the Organization |
-| SupportTicketReadOnly | List and read access to support tickets |
-| AbuseTicketManager | Full access to abuse tickets. This means access to create, read and update abuse tickets in the Organization |
-| AuditTrailReadOnly | List and read access to Audit Trail events |
-
-
-
- Any user or application benefitting from the `IAMManager` and/or `OrganizationManager` permission sets is able to create policies giving themselves access to any other actions and resources within the Organization.
-
-
-## Scoped by Project
-
-| Permission set | Description |
-| :--------------------------: | :-----------------------------------------------------------------------------------: |
-| AllProductsFullAccess | Full access to create, read, list, edit and delete all resources (products) |
-| AllProductsReadOnly | Read access to list and read info for all resources (products) |
-| SSHKeysReadOnly | Read access to SSH keys |
-| SSHKeysFullAccess | Full access to SSH keys |
-| AppleSiliconReadOnly | List and read access to Apple Silicon |
-| AppleSiliconFullAccess | Full access to create, read, list, edit and delete Apple Silicon. |
-| ElasticMetalReadOnly | List and read access to Elastic Metal |
-| ElasticMetalFullAccess | Full access to create, read, list, edit and delete Elastic Metal |
-| InstancesFullAccess | Full access to create, read, list, edit and delete Instances |
-| InstancesReadOnly | List and read access to Instances |
-| KubernetesReadOnly | List and read access to Kubernetes |
-| KubernetesFullAccess | Full access to create, read, list, edit and delete Kubernetes |
-| KubernetesExternalNodeRegister | Attach external nodes to a Kosmos cluster |
-| KubernetesSystemMastersGroupAccess | Gives the Kubernetes system:masters role to perform any action on the cluster |
-| DediboxReadOnly | List and read access to Dedibox |
-| DediboxFullAccess | Full access to create, read, list, edit and delete Dedibox |
-| ContainersReadOnly | List and read access to Containers |
-| ContainersFullAccess | Full access to create, read, list, edit and delete to Containers |
-| FunctionsReadOnly | List and read access to Functions |
-| FunctionsFullAccess | Full access to create, read, list, edit and delete Functions |
-| MessagingAndQueuingReadOnly | List and read access to Messaging |
-| MessagingAndQueuingFullAccess | Full access to create, read, list, edit and delete Messaging |
-| ServerlessJobsFullAccess | Full access to create, read, list, edit and delete job definition/run |
-| ServerlessJobsReadOnly | List and read access to job definition/run |
-| ServerlessSQLDatabaseReadOnly| List and read access to Serverless SQL Database |
-| ServerlessSQLDatabaseReadWrite| List, read and write access to Serverless SQL Database. Includes data and table structure edition. Does not include permissions to create databases or edit settings |
-| ServerlessSQLDatabaseFullAccess| Full access to create, read, list, edit and delete Serverless SQL Database |
-| RelationalDatabasesReadOnly | List and read access to Managed Database for PostgreSQL and MySQL |
-| RelationalDatabasesFullAccess| Full access to create, read, list, edit and delete Managed Database for PostgreSQL and MySQL |
-| ObjectStorageReadOnly | List and read access to Object Storage |
-| ObjectStorageFullAccess | Full access to create, read, list, edit and delete Object Storage |
-| ObjectStorageObjectsRead | Read access to objects, tags, metadata, and storage class |
-| ObjectStorageBucketsRead | Read access to buckets and bucket configuration including lifecycle rules |
-| ObjectStorageObjectsWrite | Access to create and edit objects, tags, metadata, and storage class |
-| ObjectStorageObjectsDelete | Access to delete objects |
-| ObjectStorageBucketsWrite | Access to create and edit buckets, bucket configuration including lifecycle rules |
-| ObjectStorageBucketsDelete | Access to delete buckets |
-| RedisReadOnly | List and read access to Managed Database for Redis™ |
-| RedisFullAccess | Full access to create, read, list, edit and delete Managed Database for Redis™ |
-| PrivateNetworksFullAccess | Full access to create, read, list, edit and delete Private Networks |
-| VPCGatewayReadOnly | List and read access to Public Gateways |
-| VPCGatewayFullAccess | Full access to create, read, list, edit and delete Public Gateways |
-| VPCFullAccess | Full access to VPC |
-| VPCReadOnly | Read access to VPC |
-| AutoscalingFullAccess | Full access to autoscaling |
-| AutoscalingReadOnly | Read access to autoscaling |
-| EdgeServicesFullAccess | Full access to Edge Services |
-| EdgeServicesReadOnly | Read access to Edge Services |
-| IPAMFullAccess | Full access to IPAM |
-| IPAMReadOnly | Read access to IPAM |
-| LoadBalancersReadOnly | List and read access to Load Balancer |
-| LoadBalancersFullAccess | Full access to create, read, list, edit and delete Load Balancer |
-| DomainsDNSReadOnly | List and read access to Domains and DNS |
-| DomainsDNSFullAccess | Full access to create, read, list, edit and delete Domains and DNS |
-| ContainerRegistryReadOnly | List and read access to Container Registry |
-| ContainerRegistryFullAccess | Full access to create, read, list, edit and delete Container Registry |
-| IoTReadOnly | List and read access to IoT Hub |
-| IoTFullAccess | Full access to create, read, list, edit and delete IoT Hub |
-| ObservabilityReadOnly | List and read access to Observability |
-| ObservabilityFullAccess | Full access to create, read, list, edit and delete Observability |
-| TransactionalEmailReadOnly | List and read access to Transactional Email |
-| TransactionalEmailFullAccess | Full access to create, read, list, edit and delete Transactional Email |
-| TransactionalEmailBlocklistFullAccess | Full access to blocklists in transactional email. |
-| TransactionalEmailBlocklistReadOnly | Read access to blocklists in transactional email. |
-| TransactionalEmailBlocklistFullAccess | Full access to blocklists in transactional email. |
-| TransactionalEmailBlocklistReadOnly | Read access to blocklists in transactional email. |
-| TransactionalEmailDomainReadOnly | Read access to domains in Transactional Email. Does not include permissions for e-mails |
-| TransactionalEmailDomainFullAccess | Full access to domains in Transactional Email. Does not include permissions for e-mails |
-| TransactionalEmailEmailReadOnly | Read access to e-mails in Transactional Email. Does not include permissions for domain configuration |
-| TransactionalEmailEmailFullAccess | Full access to e-mails in Transactional Email. Does not include permissions for domain configuration |
-| TransactionalEmailWebhookFullAccess | Full access to Webhooks in Transactional Email |
-| TransactionalEmailWebhookReadOnly | Read access to Webhooks in Transactional Email |
-| TransactionalEmailProjectSettingsFullAccess | Full access to Project settings in Transactional Email |
-| TransactionalEmailProjectSettingsReadOnly | Read access to Project settings in Transactional Email |
-| WebHostingReadOnly | List and read access to Web Hosting |
-| WebHostingFullAccess | Full access to create, read, list, edit and delete Web Hosting |
-| SecretManagerReadOnly | List and read secrets' metadata (name, tags, creation date, etc.). Does not include permissions for data (versions) accessing or editing |
-| SecretManagerFullAccess | Full access to create, read, list, edit, access, and delete secrets and their versions in Secret Manager |
-| SecretManagerSecretAccess | Read access to versions' data in Secret Manager. Does not include permissions for data editing |
-| SecretManagerSecretCreate | Permission to create secrets and their versions in Secret Manager. Does not include permission to update secrets and versions |
-| SecretManagerSecretDelete | Permission to delete secrets and their versions in Secret Manager |
-| SecretManagerSecretWrite | Permission to edit the metadata (name, tags, description, etc.) of secrets and their versions in Secret Manager. Does not include permission to create secrets and versions |
-| BlockStorageReadOnly | List and read access to Block Storage |
-| BlockStorageFullAccess | Full access to create, read, list, edit and delete in Block Storage |
-
-
-
- Some additional permission sets may appear on your Scaleway console if you are enrolled in beta testing for products or features.
-
diff --git a/managed-services/transactional-email/concepts.mdx b/managed-services/transactional-email/concepts.mdx
deleted file mode 100644
index c54bb60d05..0000000000
--- a/managed-services/transactional-email/concepts.mdx
+++ /dev/null
@@ -1,195 +0,0 @@
----
-meta:
- title: Transactional Email - Concepts
- description: Learn the fundamental concepts of Scaleway Transactional Email.
-content:
- h1: Transactional Email - Concepts
- paragraph: Learn the fundamental concepts of Scaleway Transactional Email.
-tags: managed-services deliverability dkim dns-propagation mx-record send-api smtp transactional spf
-dates:
- validation: 2024-11-04
-categories:
- - managed-services
----
-
-## Aggregate report
-
-An aggregate report (`rua`) is a periodic summary that provides data about a domain's email authentication activity. It includes information such as the volume of emails received, the percentage of emails that pass or fail DMARC checks, and the sources of failed authentication.
-
-## Blocklist
-
-Blocklist allows your to manage email addresses that generate errors, or “bounces”. You can block them improve the quality of your email deliveries, maintain your domain's reputation score, and reduce the risk of having your domains blocked by ISPs.
-
-## Deliverability
-
-Deliverability is the ability for an email to arrive in a recipient’s email inbox.
-
-## DKIM record
-
-A Domain Keys Identified Mail (DKIM) record is an email security standard. It provides you with an encryption key and a digital signature that allows you to verify whether an email was altered.
-
-## DMARC record
-
-DMARC stands for **D**omain-bassed **M**essage **A**uthentication **R**eporting and **C**onformance. It is an email authentication protocol that helps prevent email spoofing and phishing attacks by verifying that the sender's domain is legitimate.
-DMARC builds upon two other email authentication protocols: [SPF](#spf-record) and [DKIM](#dkim-record). It allows domain owners to publish policies in their Domain Name System (DNS) records specifying how emails sent from their domain should be handled if they fail authentication checks.
-
-## DNS propagation
-
-DNS propagation is the time a DNS change takes to be updated across the internet.
-
-## Email Webhook
-
-An email webhook is a mechanism that allows an application to send real-time notifications to another application when a specific email-related event occurs. When certain predefined events happen, a notification (webhook) is sent to a URL specified by the user. This allows the receiving application to immediately react to events such as email delivery, a bounce, or being marked as spam.
-
-## Flags
-
-Scaleway uses flags to provide you with more information about your emails. Flags can let you know whether an email you have sent is considered a spam, for example.
-There are seven types of flags:
-
-- **Greylisted**: This means that your email has been slightly delayed by the recipient, to ensure that Scaleway is not sending spam.
-- **Hard bounce**: This means that a critical error occurred while sending the email. Find out more about [hard bounces](#hard-bounce).
-- **Mailbox full**: This means that your email was not able to reach the recipient's mailbox, because it is full.
-- **Mailbox not found**: This means that your email was not able to reach the recipient's mailbox, because it does not exist.
-- **Send before expiration**: This indicates that you have requested to send your email before a specific date (defined by you), and that your email expires after that date. This is useful if you are sending an email containing a password renewal link, for example.
-- **Soft bounce**: This means that a non-critical error occurred while sending your email. Soft bounced emails are retried. Find out more about [soft bounces](#soft-bounce).
-- **Spam**: This means that your email has been considered spam.
-
-## Forensic report
-
-A forensic report or failure report (`ruf`), is a detailed record of an email message that has failed DMARC authentication. It includes the complete headers and body of the failed emails, details of the authentication checks performed, and any errors encountered.
-
-## Hard bounce
-
-Hard bounce occurs when an email is sent to an invalid email address or an address that does not exist. Unlike [soft bounce](#soft-bounce), which is a temporary error, hard bounce is a permanent error.
-
-In this case, most emailing solutions will blacklist these email addresses.
-
-## IP warming
-
-IP warming is the process of gradually increasing the volume of emails sent through a new IP or an API that has not been used in a while.
-
-The process of warming up an IP address consists of gradually sending emails from it, starting with small volumes and increasing the volume over a period of days weeks or months, according to a set schedule.
-
-Internet service providers are wary of emails sent from new IP addresses with no reputation, so warming up an IP allows for better email deliverability and thus, better reputation.
-
-## IP reputation
-
-IP reputation measures the trustworthiness of an IP address and the amount of unwanted requests it sends. An IP address that sends authentic, spam-free emails, earns a good IP reputation. An IP address that sends high amounts of spam or viruses earns a bad IP reputation. IP reputation allows you to reject requests that are coming from an IP address with a bad reputation.
-
-## MX record
-
-A mail exchanger (MX) record is a DNS record that is required to deliver emails to your address. An MX record indicates which mail servers accept incoming emails for your domain and where emails sent to your domain should be routed to.
-
-Scaleway provides its **own MX server** to improve email deliverability.
-However, Scaleway’s MX server is a **blackhole**. This means that **any email sent back to it, will be lost with no possibility of recovery**. If you have no MX server, we recommend you use Scaleway’s blackhole MX to avoid getting your emails rejected.
-
-## Preheader
-
-A preheader is the summary text that appears after the subject line when viewing an email in your mailbox.
-
-## Pristine spam trap
-
-Pristine spam traps are email addresses created by Internet Service Providers (ISPs) and other entities, such as blacklist organizations, email providers or security companies, to monitor and track spam activity. As these addresses have never actually been used, they lack any history or reputation, making them ideal for generating spam reports.
-
-Scaleway provides its own MX server to improve email deliverability. However, Scaleway's MX server is a **blackhole**. This means that **any email sent back to it, will be lost with no possibility of recovery**. If you have no MX server, we recommend you use Scaleway's blackhole MX to avoid getting your emails rejected.
-
-## Priority
-
-Each MX record has a priority, or a number to designate the order in which your domain's incoming mail servers receive your emails. The MX record with the lowest number is the first, or primary mail server to which outgoing mail servers attempt to deliver your emails.
-
-## RBLs
-
-Realtime Blackhole Lists are directories containing lists of IP addresses, domain names, and mail servers known to actively host, produce, send and/or forward spam or spam sources. Your emails will automatically be considered spam if you send them from an IP address, a domain name, or a mail server known to RBLs.
-
-## Recycled spam trap
-
-Recycled spam traps are old domain registrations or email addresses that were once valid, but are no longer used by a company or an individual.
-
-
- Repeatedly sending emails to these addresses will gradually harm your sending reputation. Make sure you clean your contact list often and that there are no spelling mistakes in the email addresses you are sending emails to.
-
-
-## Reputation score
-
-A domain's **reputation score** is similar to a grade that email providers give to your domain's online reputation. The reputation score helps them decide whether the emails sent from your domain are trustworthy and should be delivered to your recipient's mailbox, or if your emails should be blocked, classified as spam and rejected. Email providers calculate your domain reputation on a scale of 0 to 100.
-
-The **closer to 100** your reputation score is, the more receiving email servers will trust your emails. A **high** domain reputation score means **better chances of your emails reaching the intended recipients' mailboxes**, while a **low** score might lead to **emails being marked as spam or rejected**.
-
-
-A domain's reputation score is determined by email providers and Internet Service Providers (ISPs), which means you have a different domain reputation for each email service provider.
-
-
-## Send API
-
-A send API is the main API that is used to send transactional emails to recipients.
-
-## SMTP relay
-
-An SMTP relay is a service or server that helps in the transmission of email messages from one email server to another. They act as a bridge between the sender's mail server and the recipient's mail server.
-SMTP relays are designed to handle large volumes of emails, ensuring that emails reach the recipient's server more efficiently and reliably, without being flagged as spam.
-
-## Soft bounce
-
-Soft bounce occurs when your email has been sent to a valid email address, and has reached the recipient's mail server but your email could not be delivered for multiple reasons:
-
-- The recipient's mailbox has exceeded its storage limit
-- The recipient's mail server is down
-- The message was too large for the recipient's mailbox
-
-When a soft bounce occurs, the email software will try to resend the email for 72 hours (maximum) until the message is finally delivered.
-
-## Spam trap
-
-Spam traps are email addresses that Internet Service Providers (ISPs) and blocklist operators use to detect and blacklist spammers and senders who fail to adhere to email best practices. These email addresses may look like legitimate email addresses, but they are not operated by real users.
-There are two types or spam traps:
-- [pristine spam traps](#pristine-spam-trap) and
-- [recycled spam traps](#recycled-spam-trap).
-
-Any contact that has not engaged by **opening** or **clicking a link sent within an email** from you in the past year might be a spam trap.
-
-
- Make sure you regularly clean up your contact lists to avoid spam traps.
-
-
-## SPF record
-
-An SPF record specifies the mail servers that are allowed to send email for your domain. It allows you to protect senders and recipients from spam and phishing attacks. SPF also prevents spammers from sending emails on behalf of your domain.
-
-## Transactional Email
-
-Transactional Email is a platform that allows you to send transactional emails. Unlike marketing emails (which are mass distributions of the same marketing message to multiple recipients), transactional emails are personalized emails sent to individuals in response to events they have triggered (e.g. password recovery, billing information, delivery updates, etc).
-
-## Webhook Event Type
-
-The Webhook event type defines the type of event that triggered the webhook.
-
-These are the different event types:
-
-- `unknown_type`: The event type is unknown by default. This type is used when the event type has not been specified.
-- `email_queued`: The email was received and is being prepared to be sent to the destination servers. This event indicates that the email sending process has started.
-- `email_dropped`: The email was sent but was definitively rejected by the destination server, or hard-bounced. This can occur due to incorrect or non-existent email addresses.
-- `email_deferred`: The email was sent but was temporarily rejected by the destination server, or soft-bounced. In this case, the sending of the email will be automatically retried. This event type can occur when the destination server is temporarily unavailable.
-- `email_delivered`: The email was successfully sent and accepted by the destination server. This event confirms that the email has reached the recipient's inbox.
-- `email_spam`: The email was identified as spam by Scaleway or the destination server. This event indicates that the email was classified as spam, either by an automated filter or by the recipient.
-- `email_mailbox_not_found`: The email was definitively rejected with a "mailbox not found" error. This indicates that the recipient's email address does not exist or is no longer active.
-- `email_blocklisted` - An email was blocked by an active blocklist.
-- `blocklist_created` - A blocklist is created for an email address. Any new emails sent by the address will be blocked.
-
-
- Refer to the [Transactional Email API documentation](https://www.scaleway.com/en/developers/api/transactional-email/) for more information about event types.
-
-
-## Webhook Event Status
-
-The Webhook event status indicates the status of the webhook delivery.
-
-These are the different event statuses:
-
-- `unknown_status`: The status of the event is unknown by default. This status is used when the event status has not been specified.
-- `sending`: The webhook event is being sent. This means that the notification is in transit to the configured URL.
-- `sent`: The webhook event was successfully sent. This status indicates that the notification was received by the configured URL.
-- `failed`: The webhook event could not be sent after multiple attempts. This status means there were repeated errors during the attempt to send the notification.
-
-
- Refer to the [Transactional Email API documentation](https://www.scaleway.com/en/developers/api/transactional-email/) for more information about event statuses.
-
\ No newline at end of file
diff --git a/pages/iam/reference-content/permission-sets.mdx b/pages/iam/reference-content/permission-sets.mdx
index 89c2f16cd8..c399ee4625 100644
--- a/pages/iam/reference-content/permission-sets.mdx
+++ b/pages/iam/reference-content/permission-sets.mdx
@@ -103,6 +103,8 @@ Below is a list of the permission sets available at Scaleway.
| ObservabilityFullAccess | Full access to create, read, list, edit and delete Observability |
| TransactionalEmailReadOnly | List and read access to Transactional Email |
| TransactionalEmailFullAccess | Full access to create, read, list, edit and delete Transactional Email |
+| TransactionalEmailBlocklistFullAccess | Full access to blocklists in transactional email. |
+| TransactionalEmailBlocklistReadOnly | Read access to blocklists in transactional email. |
| TransactionalEmailDomainReadOnly | Read access to domains in Transactional Email. Does not include permissions for e-mails |
| TransactionalEmailDomainFullAccess | Full access to domains in Transactional Email. Does not include permissions for e-mails |
| TransactionalEmailEmailReadOnly | Read access to e-mails in Transactional Email. Does not include permissions for domain configuration |
diff --git a/pages/transactional-email/concepts.mdx b/pages/transactional-email/concepts.mdx
index 4373b4704a..769f337157 100644
--- a/pages/transactional-email/concepts.mdx
+++ b/pages/transactional-email/concepts.mdx
@@ -16,6 +16,10 @@ categories:
An aggregate report (`rua`) is a periodic summary that provides data about a domain's email authentication activity. It includes information such as the volume of emails received, the percentage of emails that pass or fail DMARC checks, and the sources of failed authentication.
+## Blocklist
+
+Blocklist is a feature that allows your to manage email addresses that generate errors, or “bounces”. Emails are automatically blocked when a mailbox does not exist or is full to prevent sending emails to a recipient address that is not reachable.
+
## Deliverability
Deliverability is the ability for an email to arrive in a recipient’s email inbox.
@@ -27,7 +31,7 @@ A Domain Keys Identified Mail (DKIM) record is an email security standard. It pr
## DMARC record
DMARC stands for **D**omain-bassed **M**essage **A**uthentication **R**eporting and **C**onformance. It is an email authentication protocol that helps prevent email spoofing and phishing attacks by verifying that the sender's domain is legitimate.
-DMARC builds upon two other email authentication protocols: [SPF](#spf-record) and [DKIM](#dkim-record). It allows domain owners to publish policies in their Domain Name System (DNS) records specifying how emails sent from their domain should be handled if they fail authentication checks.
+DMARC builds upon other email authentication protocols: [SPF](#spf-record) and [DKIM](#dkim-record). It allows domain owners to publish policies in their Domain Name System (DNS) records specifying how emails sent from their domain should be handled if they fail authentication checks.
## DNS propagation
@@ -49,6 +53,7 @@ There are seven types of flags:
- **Send before expiration**: This indicates that you have requested to send your email before a specific date (defined by you), and that your email expires after that date. This is useful if you are sending an email containing a password renewal link, for example.
- **Soft bounce**: This means that a non-critical error occurred while sending your email. Soft bounced emails are retried. Find out more about [soft bounces](#soft-bounce).
- **Spam**: This means that your email has been considered spam.
+- **Blocklisted**: This means that the email was blocked by a blocklist before the sending attempt.
## Forensic report
@@ -168,6 +173,8 @@ These are the different event types:
- `email_delivered`: The email was successfully sent and accepted by the destination server. This event confirms that the email has reached the recipient's inbox.
- `email_spam`: The email was identified as spam by Scaleway or the destination server. This event indicates that the email was classified as spam, either by an automated filter or by the recipient.
- `email_mailbox_not_found`: The email was definitively rejected with a "mailbox not found" error. This indicates that the recipient's email address does not exist or is no longer active.
+- `email_blocklisted` - An email was blocked by an active blocklist.
+- `blocklist_created` - A blocklist is created for an email address. Any new emails sent by the address will be blocked.
Refer to the [Transactional Email API documentation](https://www.scaleway.com/en/developers/api/transactional-email/) for more information about event types.
diff --git a/pages/transactional-email/how-to/manage-blocklists.mdx b/pages/transactional-email/how-to/manage-blocklists.mdx
index 1369f31599..d020528303 100644
--- a/pages/transactional-email/how-to/manage-blocklists.mdx
+++ b/pages/transactional-email/how-to/manage-blocklists.mdx
@@ -13,7 +13,7 @@ categories:
- managed-services
---
-The Transactional Email blocklist feature allows your to manage email addresses that generate errors, or “bounces”. This helps you improve the quality of your email deliveries, maintain your domain's reputation score, and reduce the risk of having your domains blocked by ISPs.
+The Transactional Email blocklist feature allows your to manage email addresses that generate errors, or “bounces”. Emails are automatically blocked when a mailbox does not exist or is full to prevent sending emails to a recipient address that is not reachable.
@@ -23,12 +23,12 @@ The Transactional Email blocklist feature allows your to manage email addresses
## How to monitor temporary blocklists
-If any of your emails were bounced, you will see a temporary blocklist entry, with a duration of 48h, containing the details of the email that bounced and the reason, or flag. Some examples of bounce reasons are:
+If any of your emails were bounced, you will see a temporary blocklist entry, with a duration of 48 hours, containing the details of the email that bounced and the reason, or flag. Some examples of bounce reasons are:
- `Mailbox not found` - when mailbox does not exist
- `Mailbox full` - when the mailbox is full.
-The temporary blocklist entry is created automatically to prevent repeated attempts to send e-mails, which could damage your reputation.
+The temporary blocklist entry is created automatically to prevent repeated attempts to send emails, which could damage your reputation.
To see the blocklist:
@@ -51,6 +51,10 @@ You can unblock any address that was added to the blocklist. This is useful in c
- A temporary error has been corrected. The recipient has freed up space in their mailbox, for example.
- An address becomes valid again after an update.
+
+ You can unblock up to five addresses every 24 hours.
+
+
1. Click **Transactional Email** in the **Managed Services** section of the [console](https://console.scaleway.com/) side menu. Your domains display.
2. Click the domain for which you want to manage the blocklist. An overview of your domain appears.
3. Click the **Blocklist** tab. Your blocklist displays.
From 26dcd4d661a20d81925a5e705dcf442c50006df1 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Wed, 29 Jan 2025 08:58:02 +0100
Subject: [PATCH 3/6] fix(tem): typo
---
pages/iam/reference-content/permission-sets.mdx | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pages/iam/reference-content/permission-sets.mdx b/pages/iam/reference-content/permission-sets.mdx
index c399ee4625..b3df059478 100644
--- a/pages/iam/reference-content/permission-sets.mdx
+++ b/pages/iam/reference-content/permission-sets.mdx
@@ -103,8 +103,8 @@ Below is a list of the permission sets available at Scaleway.
| ObservabilityFullAccess | Full access to create, read, list, edit and delete Observability |
| TransactionalEmailReadOnly | List and read access to Transactional Email |
| TransactionalEmailFullAccess | Full access to create, read, list, edit and delete Transactional Email |
-| TransactionalEmailBlocklistFullAccess | Full access to blocklists in transactional email. |
-| TransactionalEmailBlocklistReadOnly | Read access to blocklists in transactional email. |
+| TransactionalEmailBlocklistFullAccess | Full access to blocklists in Transactional Email. |
+| TransactionalEmailBlocklistReadOnly | Read access to blocklists in Transactional Email. |
| TransactionalEmailDomainReadOnly | Read access to domains in Transactional Email. Does not include permissions for e-mails |
| TransactionalEmailDomainFullAccess | Full access to domains in Transactional Email. Does not include permissions for e-mails |
| TransactionalEmailEmailReadOnly | Read access to e-mails in Transactional Email. Does not include permissions for domain configuration |
From 9d94e72e16cd8ef3c1040176d62fe109adcee617 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Wed, 29 Jan 2025 09:02:33 +0100
Subject: [PATCH 4/6] fix(tem): permission set
---
pages/transactional-email/concepts.mdx | 2 +-
pages/transactional-email/how-to/manage-blocklists.mdx | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/pages/transactional-email/concepts.mdx b/pages/transactional-email/concepts.mdx
index 769f337157..2db96200c1 100644
--- a/pages/transactional-email/concepts.mdx
+++ b/pages/transactional-email/concepts.mdx
@@ -18,7 +18,7 @@ An aggregate report (`rua`) is a periodic summary that provides data about a dom
## Blocklist
-Blocklist is a feature that allows your to manage email addresses that generate errors, or “bounces”. Emails are automatically blocked when a mailbox does not exist or is full to prevent sending emails to a recipient address that is not reachable.
+Blocklist is a feature that allows your to manage email addresses that generate errors, or “bounces”. Emails are automatically blocked when a mailbox does not exist, or is full, to prevent sending emails to a recipient address that is not reachable.
## Deliverability
diff --git a/pages/transactional-email/how-to/manage-blocklists.mdx b/pages/transactional-email/how-to/manage-blocklists.mdx
index d020528303..a87a5623ae 100644
--- a/pages/transactional-email/how-to/manage-blocklists.mdx
+++ b/pages/transactional-email/how-to/manage-blocklists.mdx
@@ -13,12 +13,12 @@ categories:
- managed-services
---
-The Transactional Email blocklist feature allows your to manage email addresses that generate errors, or “bounces”. Emails are automatically blocked when a mailbox does not exist or is full to prevent sending emails to a recipient address that is not reachable.
+The Transactional Email blocklist feature allows your to manage email addresses that generate errors, or “bounces”. Emails are automatically blocked when a mailbox does not exist, or is full, to prevent sending emails to a recipient address that is not reachable.
- A Scaleway account logged into the [console](https://console.scaleway.com)
-- [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing you to perform actions in the intended Organization
+- [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing you to perform actions in the intended Organization. For blocklists your can apply the `TransactionalEmailBlocklistFullAccess` permission
- [Configured your domain(s) with Transactional Email](/managed-services/transactional-email/how-to/configure-domain-with-transactional-email/)
## How to monitor temporary blocklists
From 5d642b580eceb661bf8212aefc735a3e5edaaa03 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Wed, 29 Jan 2025 09:14:52 +0100
Subject: [PATCH 5/6] fix(tem): review bene
Co-authored-by: Benedikt Rollik
---
faq/transactional-email.mdx | 10 +++++-----
pages/transactional-email/how-to/manage-blocklists.mdx | 6 +++---
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/faq/transactional-email.mdx b/faq/transactional-email.mdx
index 8983b63aa9..7ec56c14e5 100644
--- a/faq/transactional-email.mdx
+++ b/faq/transactional-email.mdx
@@ -25,7 +25,7 @@ Scaleway's Transactional Email platform is dedicated to sending transactional em
## How can I configure DNS records to send emails?
-You need to [add SPF and DKIM records](/managed-services/transactional-email/how-to/add-spf-dkim-records-to-your-domain/) to be able to send emails. Find out [how to set up your DNS records for other DNS providers](/tutorials/set-up-spf-dkim-for-dns-providers/).
+You need to [add SPF and DKIM records](/transactional-email/how-to/add-spf-dkim-records-to-your-domain/) to be able to send emails. Find out [how to set up your DNS records for other DNS providers](/tutorials/set-up-spf-dkim-for-dns-providers/).
## How do I know if my domain is valid for sending emails?
@@ -33,19 +33,19 @@ After configuring your SPF and DKIM records, you must launch a verification of t
## Do I have to set up an MX record for better email deliverability?
-Setting up an [MX record](/managed-services/transactional-email/concepts#mx-record) is highly recommended to ensure your email deliverability. Find out [how to add an MX record to your domain](/managed-services/transactional-email/how-to/add-mx-record-to-your-domain/#how-to-add-your-own-mx-record). You can also [use Scaleway's blackhole MX](/managed-services/transactional-email/how-to/add-mx-record-to-your-domain/#how-to-add-scaleways-mx-record) if you do not have your own MX.
+Setting up an [MX record](/transactional-email/concepts#mx-record) is highly recommended to ensure your email deliverability. Find out [how to add an MX record to your domain](/transactional-email/how-to/add-mx-record-to-your-domain/#how-to-add-your-own-mx-record). You can also [use Scaleway's blackhole MX](/transactional-email/how-to/add-mx-record-to-your-domain/#how-to-add-scaleways-mx-record) if you do not have your own MX.
## What happens to automatically configured DNS records when I delete a domain in the Transactional Email service?
-When a domain is removed from Scalway's Transactional Email platform, [autoconfigured DNS records](/managed-services/transactional-email/how-to/autoconfigure-domain/) are not automatically deleted in the Domains & DNS section. If you no longer use the domain for sending emails, you must manually delete or modify these records. It is recommended to verify the associated DNS records to ensure they are correctly configured or removed.
+When a domain is removed from Scalway's Transactional Email platform, [autoconfigured DNS records](/transactional-email/how-to/autoconfigure-domain/) are not automatically deleted in the Domains & DNS section. You must manually delete or modify these records if you no longer use the domain to send emails. Verifying the associated DNS records is recommended to ensure they are correctly configured or removed.
## What is the impact on the Transactional Email service if a DNS zone is deleted in Scaleway Domains & DNS?
-If a DNS zone is deleted while [autoconfig is enabled](/managed-services/transactional-email/how-to/autoconfigure-domain/), the DNS records will be added to the parent zone. This ensures that the domain remains validated on the Transactional Email platform, allowing continued use of the service without interruption.
+If a DNS zone is deleted while [autoconfig is enabled](/transactional-email/how-to/autoconfigure-domain/), the DNS records will be added to the parent zone. This ensures that the domain remains validated on the Transactional Email platform, allowing continued service use without interruption.
## What are the limitations and restrictions when using Transactional Email?
-Find out about [limits and quotas](/managed-services/transactional-email/reference-content/tem-capabilities-and-limits/) available for Transactional Email. If you want to increase your quota beyond the values shown on this page, [contact our support team](https://console.scaleway.com/support/create).
+Find out about [limits and quotas](/transactional-email/reference-content/tem-capabilities-and-limits/) available for Transactional Email. If you want to increase your quota beyond the values shown on this page, [contact our support team](https://console.scaleway.com/support/create).
## How is Scaleway's Transactional Email service billed?
diff --git a/pages/transactional-email/how-to/manage-blocklists.mdx b/pages/transactional-email/how-to/manage-blocklists.mdx
index a87a5623ae..5ef8f0dc45 100644
--- a/pages/transactional-email/how-to/manage-blocklists.mdx
+++ b/pages/transactional-email/how-to/manage-blocklists.mdx
@@ -18,8 +18,8 @@ The Transactional Email blocklist feature allows your to manage email addresses
- A Scaleway account logged into the [console](https://console.scaleway.com)
-- [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing you to perform actions in the intended Organization. For blocklists your can apply the `TransactionalEmailBlocklistFullAccess` permission
-- [Configured your domain(s) with Transactional Email](/managed-services/transactional-email/how-to/configure-domain-with-transactional-email/)
+- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization. For blocklists your can apply the `TransactionalEmailBlocklistFullAccess` permission
+- [Configured your domain(s) with Transactional Email](/transactional-email/how-to/configure-domain-with-transactional-email/)
## How to monitor temporary blocklists
@@ -37,7 +37,7 @@ To see the blocklist:
3. Click the **Blocklist** tab. Your blocklist displays detailing the recipient email, the flags, the date the block began and when it ends.
- You can [create webhooks](/managed-services/transactional-email/how-to/create-webhooks) for the following blocklist events:
+ You can [create webhooks](/transactional-email/how-to/create-webhooks) for the following blocklist events:
- `email_blocklisted` - An email was blocked by an active blocklist.
- `blocklist_created` - A blocklist is created for an email address. Any new emails sent by the address will be blocked.
From f12ead55537b9bce9ab4682b8b08f3ed6d5b7171 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Wed, 29 Jan 2025 09:52:03 +0100
Subject: [PATCH 6/6] fix(tem): review ro
Co-authored-by: Rowena Jones <36301604+RoRoJ@users.noreply.github.com>
---
pages/transactional-email/concepts.mdx | 2 +-
pages/transactional-email/how-to/manage-blocklists.mdx | 10 +++++-----
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/pages/transactional-email/concepts.mdx b/pages/transactional-email/concepts.mdx
index 2db96200c1..f8f7f5e0bd 100644
--- a/pages/transactional-email/concepts.mdx
+++ b/pages/transactional-email/concepts.mdx
@@ -18,7 +18,7 @@ An aggregate report (`rua`) is a periodic summary that provides data about a dom
## Blocklist
-Blocklist is a feature that allows your to manage email addresses that generate errors, or “bounces”. Emails are automatically blocked when a mailbox does not exist, or is full, to prevent sending emails to a recipient address that is not reachable.
+Blocklist is a feature that allows you to manage email addresses that generate errors, or “bounces”. Emails are automatically blocked when a mailbox does not exist, or is full, to prevent sending emails to a recipient address that is not reachable.
## Deliverability
diff --git a/pages/transactional-email/how-to/manage-blocklists.mdx b/pages/transactional-email/how-to/manage-blocklists.mdx
index 5ef8f0dc45..c5abe051cb 100644
--- a/pages/transactional-email/how-to/manage-blocklists.mdx
+++ b/pages/transactional-email/how-to/manage-blocklists.mdx
@@ -23,7 +23,7 @@ The Transactional Email blocklist feature allows your to manage email addresses
## How to monitor temporary blocklists
-If any of your emails were bounced, you will see a temporary blocklist entry, with a duration of 48 hours, containing the details of the email that bounced and the reason, or flag. Some examples of bounce reasons are:
+If any of your emails bounced, you will see a temporary blocklist entry, with a duration of 48 hours, containing the details of the email that bounced and the reason, or flag. Some examples of bounce reasons are:
- `Mailbox not found` - when mailbox does not exist
- `Mailbox full` - when the mailbox is full.
@@ -33,13 +33,13 @@ The temporary blocklist entry is created automatically to prevent repeated attem
To see the blocklist:
1. Click **Transactional Email** in the **Managed Services** section of the [console](https://console.scaleway.com/) side menu. Your domains display.
-2. Click the domain for which you want to manage the blocklist. An overview of your domain appears.
-3. Click the **Blocklist** tab. Your blocklist displays detailing the recipient email, the flags, the date the block began and when it ends.
+2. Click the domain whose blocklist you want to manage. An overview of your domain appears.
+3. Click the **Blocklist** tab. Your blocklist displays, detailing the recipient email, the flags, the date the block began, and when it ends.
You can [create webhooks](/transactional-email/how-to/create-webhooks) for the following blocklist events:
- `email_blocklisted` - An email was blocked by an active blocklist.
- - `blocklist_created` - A blocklist is created for an email address. Any new emails sent by the address will be blocked.
+ - `blocklist_created` - A blocklist was created for an email address. Any new emails sent by the address will be blocked.
By setting up a blocklist webhook, you can track changes to your blocklist in real time.
@@ -56,7 +56,7 @@ You can unblock any address that was added to the blocklist. This is useful in c
1. Click **Transactional Email** in the **Managed Services** section of the [console](https://console.scaleway.com/) side menu. Your domains display.
-2. Click the domain for which you want to manage the blocklist. An overview of your domain appears.
+2. Click the domain whose blocklist you want to manage. An overview of your domain appears.
3. Click the **Blocklist** tab. Your blocklist displays.
4. Click **Unblock** next to the email address you wish to unblock. A pop-up appears to warn you to: