Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=URL-allow-list

URL allow list

You can add domains to the allow list so that URLs from those domains are neither rewritten nor scanned by Time of Click protection.

Go to My Products > General Settings, then click URL allow list.

The entire URL protection is bypassed. The URL isn't rewritten, and the Malicious URL scan action isn't applied. However, emails containing criminal category URLs will be deleted.

Note

If an email contains a link on the Internet Watch Foundation's criminal URL list, we're legally required to delete the email. We're also legally required not to show the link anywhere in Sophos Central, including Message History. See IWF: URL List.

We always delete these emails. We don't use the settings in your Email Security policies.

Add URLs

To add a URL, click Add and add the domains you want to allow, for example, example.com. Don't add the full URL, for example https://example.com, to avoid issues.

Note

Wildcards are supported, for example *.example.com. This includes all subdomains of example.com, such as sub1.example.com and sub2.example.com.

Click Save to add the domain.

Delete URLs

To delete a URL from the allow list, select it and click Delete in the upper right of the page.

You can select and delete either single, multiple, or all domains.