Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=URL-allow-list

URL Allow List

You can add domains to the allow list so that URLs from those domains are neither rewritten nor scanned by Time of Click protection.

When you add a URL to the allow list, any matching URLs in emails received after the addition won't be rewritten. The URLs already rewritten in an email processed and delivered won't be allowed, even though they match the new addition in the URL allow list.

To access this setting, click the Global Settings icon Global Settings icon.. Go to Products and Services > Email and click URL Allow List.

The entire URL protection is bypassed. The URL isn't rewritten, and the Malicious URL scan action isn't applied. However, emails containing criminal category URLs will be deleted.

Note

If an email contains a link on the Internet Watch Foundation's criminal URL list, we're legally required to delete the email. We're also legally required not to show the link anywhere in Sophos Central, including Message History. See IWF: URL List.

We always delete these emails. We don't use the settings in your Email Security policies.

Add URLs

To add a URL or domain, click Add and enter the URL or domain you want to allow.

Example 
http://domain.com
https://domain.com/path
domain.com
example.net

Wildcards are supported and include all subdomains of the domain, such as sub1.domain.com and sub2.domain.com.

Example 
https://*.domain.com/path
*.domain.com

Click Add to confirm the addition.

Delete URLs

To delete a URL or domain from the allow list, select it and click Delete in the upper left of the page.

You can select and delete individual or multiple URLs and domains, or all at once.