ThreatDown Email Security blocks emails with malicious content, which could include emails from trusted senders. To ensure these emails aren't blocked, add senders you trust to the Email Security allow list. In Nebula, navigate to Manage > Email Security > Configurations > Allow List to access the allow list.
Add an item to the allow list
- Click Add item.
- Select the sender type.
- IP: Allow senders from an IPv4 or IPv6 address or range, examples 100.100.100.100 or 8.8.8.8/28
- Domain: Allow senders from an email domain, examples domain.com, subdomain.domain.com. or *.domain.com. Domain allow list rules do not recursively protect sub-domains, so use a wildcard or add each subdomain individually.
- Address: Allow senders from a specific email address, example threatdown@example.com.
- Link: Allow links in emails from a specfic web domain, example www.threatdown.com.
- Enter a value for the selected type.
- Select one of the bypass options:
- Skip all inspections: Emails from this sender bypass all inspections, including spam, phishing, and malicious content detection.
- Ignore SPF/DKIM/DMARC authentication and internal/external identification results: Bypass the authentication check that detects spoofing attacks.
- Show response message when reporting an external campaign: Check this box if using an external tool for phishing simulations. This lets the tool send a response message to verify with the reporter that it was a test.
- Bypass impersonation banners: Emails from this item do not trigger impersonation alerts or display "First-time sender" banners.
- Ignore SPF/DKIM/DMARC authentication and internal/external identification results: Bypass the authentication check that detects spoofing attacks.
- Bypass all scanning for links: Links are completely bypassed by scanning processes from ThreatDown.
- Bypass link clicking by ThreatDown: Links are scanned and analyzed but not clicked by ThreatDown processes.
- Skip all inspections: Emails from this sender bypass all inspections, including spam, phishing, and malicious content detection.
- Add a comment to describe why the item is added to the allow list.
- Click Save.