Manage Allow List

You can add trusted hosts to an allow list, and configure the spam checks you want to bypass for each entry in the list. This ensures that trusted mail (such as newsletters or bulk mail from senders added to the allow list) is not blocked. The Allow List tab on the SpamLogic Settings page displays which senders have been added to the list, and which spam checks are bypassed for each entry.

Entries you can add to the allow list

You can add mail servers or email addresses to the allow list.

Entry	Type	To define explicitly - example	To define using wildcard - example
IP addresses (IPv4 format)	Mail server	192.168.1.125	-
IP addresses (IPv6 format)	Mail server	2001:db8::34f4:0:0:f3dd/64	-
IP address ranges	Mail server	192.168.1.0-192.168.1.255	-
CIDR notation networks	Mail server	192.168.5.0/24	-
Mail server hostnames	Mail server	hostname.company.com	*.company.com Includes: hostname.company.com anyserver.company.com
Email addresses	Email	user@company.com fred@company.com everyone@mail.company.com	*@company.com Includes: user@company.com fred@company.com *red@company.com Includes: fred@company.com *@mail.company.com Includes: everyone@mail.company.com

Add Comments to entries to identify them more easily. You can enter comments of up to 128 characters in length.

Using wildcard Wildcard IP addresses are not supported in the allow list. Any action which matches a CIDR notation will be combined in the same way as ranges. Trailing wildcard, such as info*@company.com, is not valid in the allow list. Ensure that your entries are defined using leading wildcard.

Tell me about...

• What happens if there is a conflict between two entries

  Example: I want to add IP range of ... .124 - .255 to the allow list and select certain spam checks for all IP addresses in this range. However, I also want to add range .164 - .192 with other spam methods selected. These IP address ranges have overlapping entries between .164 and .192 What happens?

  • All spam checks that you select for both IP address ranges will apply to the overlapping entries.

  If there are overlapping IP address ranges, the Gateway is additive when applying spam checks. All spam checks selected for IP address ranges apply if there are any overlapping entries in the ranges.

• Which spam checks can be bypassed

  You can configure each allowed sender to bypass a combination of any of the following spam checks:

  • Junk Email: Messages will be accepted from the specified host without being subject to trust scoring. The option applies to Confirmed Junk Email and Suspected Junk Email.
  • Greylisting: Messages from the specified host will not be greylisted.
  • DKIM: Messages will be accepted from the specified host, even if they fail DKIM DomainKeys Identified Mail validation checks.
  • SPF: Messages will be accepted from the specified host, even if they fail Sender Policy Framework (SPF Sender Policy Framework) validation checks.
  • DMARC: Messages will be accepted from the specified host, even if they fail Domain-based Message Authentication, Reporting & Conformance (DMARC Domain-based Message Authentication, Reporting & Conformance) verification checks.
  • Spoof Detection: Messages will be accepted from the specified host, even if they are identified as being spoofed.
  • Real-time IP Blocklists: Messages will be accepted from the specified host, even if they appear in an RBL.
  • If Reputation Bad: Messages will be accepted from the specified host, even if TRUSTmanager returns a reputation of Bad. For more information, see TRUSTmanager Reputations.

  Click the links to find out more about how each spam check normally operates .

Add an entry to the allow list

1. Navigate to Policy > Manage Policy Definition > SpamLogic Settings. The SpamLogic Settings page is displayed.

2. Select the Allow List tab.

3. In the Allow List panel, click New.

4. In the Add Allow List Entry dialog, specify the following:

   • Address: address of the sender

   • Comment: optional

   • Type: select whether the address corresponds to a Mail Server (IP address or fully qualified hostname) or an Email (domain or address)

   • Allow List For: select the spam checks the sender can bypass

5. Click Add. The new entry is displayed in the Allow List panel.

6. Apply the configuration.

Import an allow list

You can import a text file of allow list items. The file must contain each allow list item on a separate line. The file can be a maximum of 2 Mb in size or 100,000 valid entries.

1. Navigate to Policy > Manage Policy Definition > SpamLogic Settings. The SpamLogic Settings page is displayed.

2. In the task panel, click Import allow list.

3. In the Import SpamLogic Allow List dialog:

   • Browse and select a file containing the allow list items to import

   • Replace existing matching entries: select this check box to replace the existing list with the contents of the new file. If you leave this check box unselected, the Gateway merges the new and the existing lists. Duplicated items are ignored and appear once in the allow list.

   • Type: select whether the address corresponds to a Mail Server (IP address or fully qualified hostname) or an Email (domain or address)

     When importing a text file of allow list items, your file should contain either Mail Server or Email items as the Gateway does not support both types in the one import file.

   • Allow List For: select the spam checks the sender can bypass

4. Click Import. The new entries are displayed in the Allow List panel.

5. Apply the configuration.

If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or System > Configuration > Apply Configuration. See Apply new configuration for more information. If you use Peer Gateways (i.e. when multiple Gateways are peered), any configuration changes from a local Gateway can then be applied to all the peers at the same time. See Peer Gateways for more information.