Skip to main content

Platform

Adding Domain Exemptions

Adding an Exemption for an entire domain allows you to select the security checks that you want to skip for that domain. This means that all emails from the domain can bypass the selected security checks and be delivered to the intended recipient(s) without being flagged or auto-remediated.

You can also add Exemptions for sending email addresses and IPs. See Adding Email Exemptions and Adding IP Exemptions.

Note

Ensure that the domains you exempt from security check(s) are safe. Domains added to the Exemption list bypass the selected security checks and can reduce security coverage.

Exemptions created at the MSP level will apply to all customers.

If domains are allowed by the system due to a match on the Exemptions list, then the emails from that domain will be shown in Email History with the Status Clean.

  1. Go to Email Security > Configuration > Exemptions where you'll see the All tab is open by default. You can add exemptions from here or select the Domains tab. Select Add Exemption.

    ES-Exemptions-MSP-AddExempt.jpg

    The Add Exemption window opens.

    ES-Exemptions-MSP-AddExempt-Window.jpg

  2. In the Add Exemption window, do the following:

    • Type: From the dropdown list, select Domain.

    • Address: Enter the domain you want to exempt from the selected mail flow checks.

    • Select the checkbox(es) for the mail flow check(s) you want to skip for this domain.

      Sender Authentication

      Anti-Spoof

      Compares the sender's display name to tenant display names. If there's a match but the email address differs, the message is flagged.

      Suspicious

      Spam

      Analyzes emails for patterns commonly associated with unsolicited messages.

      Frequently Exploited Domains

      Identifies emails from senders or domains commonly used in malicious attacks.

      Graymail

      Identifies legitimate but low-value emails, such as newsletters, promotions, or bulk notifications.

      Suspicious Intent

      Analyzes email content and behavior to detect signs of phishing, fraud, or social engineering

      Malicious

      Fraud

      Detects emails that show signs of deceptive or malicious intent, such as impersonation, or payment scams.

      Malware

      Scam emails and attachments for malicious files, or code that could harm systems or data. Infected files may be delivered to users if this check is skipped.

      Malicious

      Identifies emails designed to cause harm, such as social engineering attempts.

      Phishing

      Detects emails that attempt to steal credentials, personal data, or sensitive information.

    • Comments (optional): Enter a description for the domain. This might include a reason for allowing the domain exemption.

  3. Select Add Exemption.

    The domain is displayed in your Exemptions list.

In this section: