Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Admin allow list doesn't bypass BULK Quarantine

Strangely, if an email address is added to the Admin Allow list and the Bulk action is quarantine, the email still gets quarantine.

Surely if an email address is listed on the Admin Allow list it should skip the Bulk email check, just as it skips the Spam email check?



This thread was automatically locked due to age.
Parents Reply Children
  • Hi everyone! 
    Please make sure that it is the "SMTP From" address that you have put into the Allow list and not the "Header From"
    this is because what really counts is the 'SMTP From' (or Envelope-from) value when it comes to email transaction. The 'Header From' is the "From:" in the body of the email which is very easy to spoof and so if Allow list is based on it instead then there a lot more chances of False Positives. 
    Here is a screenshot of what I mean:



  • Hi Josepalad, 

    So what if the user/sender uses an Email Service Provider such as Sendgrid or send through a platform such as Salesforce?

    You wouldn't be able to whitelist that as it will allow all legitimate and non-legitimate emails then right?

  • Came here to say exactly that  

    We can't whitelist *.sendgrid because that would be a big problem - it would effectively whitelist anyone that uses Sendgrid, which are hundreds of thousand of companies, if not more.

    Need a way to whitelist SMTP From sendgrid.net where the Header From equals XXXX - maybe there's a better way?

  • Agreed  , we've actually seen a lot of spammers use Sendgrid and other ESPs as well so definitely cannot just whitelist any ESP addresses.