Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=email-allow-block-behavior

What happens when you allow a domain?

When you add a domain to an allow list, some checks are bypassed for emails coming from that domain. Sophos Email still performs malware scanning even if you add a domain to an allow list.

If sender authentication checks (DMARC, SPF, and DKIM) are turned on, we run them on all emails, even if the domain is in an allow list. The results of these checks determine which other tests are bypassed.

What we do depends on whether the domain was allowed by an administrator or by a user.

What we do depends on whether you've turned on sender authentication checks.

Sender authentication checks on

If no sender authentication checks pass we carry out all additional checks.

If at least one of the sender authentication checks succeeds, we don't do the following additional checks:

  • Data loss prevention.
  • Header anomalies.
  • Impersonation protection.
  • Spam.

Sender authentication checks off

If you've turned off sender authentication checks, we don't do the following additional checks:

  • Data loss prevention.
  • Header anomalies.
  • Impersonation protection.
  • Spam.

If no sender authentication checks pass we carry out all additional checks.

If at least one of the sender authentication checks succeeds, we don't do the following additional checks:

  • Impersonation protection.
  • Spam.