Skip to main content

Platform

Adding Sender Email Address Exemptions

Adding an Exemption for a sending email address allows you to select the security checks that you want to skip for that sender. This means that all emails from that sender can bypass those selected security checks and be delivered to the intended recipient(s) without being flagged or auto-remediated.

You can also add Exemptions for entire domains and IPs. See Adding Domain Exemptions and Adding IP Exemptions for further details.

Note

Ensure that the sending email addresses that you exempt from security check(s) are safe. Email addresses added to the Exemption list bypass the selected security checks and can reduce security coverage.

Exemptions created at the MSP level will apply to all customers.

If an email is allowed by the system due to a match on the Exemptions list, it will be shown in Email History with the Status Clean.

  1. Go to Email Security > Configuration > Exemptions where you'll see the All tab is open by default. You can add exemptions from here or select the Emails tab. Select Add Exemption.

    ES-Exemptions-MSP-AddExempt.jpg

    The Add Exemption window opens.

    ES-Exemptions-MSP-AddExempt-Window.jpg

  2. In the Add Exemption window, do the following:

    • Type: From the dropdown list, select Email Address.

    • Address: Enter the email address of the sender you want to exempt from the selected mail flow checks.

    • Select the checkbox(es) for the mail flow check(s) you want to skip for this email address.

      Sender Authentication

      Anti-Spoof

      Compares the sender's display name to tenant display names. If there's a match but the email address differs, the message is flagged.

      Suspicious

      Spam

      Analyzes emails for patterns commonly associated with unsolicited messages.

      Frequently Exploited Domains

      Identifies emails from senders or domains commonly used in malicious attacks.

      Graymail

      Identifies legitimate but low-value emails, such as newsletters, promotions, or bulk notifications.

      Suspicious Intent

      Analyzes email content and behavior to detect signs of phishing, fraud, or social engineering

      Malicious

      Fraud

      Detects emails that show signs of deceptive or malicious intent, such as impersonation, or payment scams.

      Malware

      Scam emails and attachments for malicious files, or code that could harm systems or data. Infected files may be delivered to users if this check is skipped.

      Malicious

      Identifies emails designed to cause harm, such as social engineering attempts.

      Phishing

      Detects emails that attempt to steal credentials, personal data, or sensitive information.

    • Comments (optional): Enter a description for the email. This might include a reason for allowing the domain exemption.

  3. Select Add Exemption.

    The email address is displayed in your Exemptions list.

In this section: