Allowed patterns
When you set up allowed patterns, Cloudflare Area 1 email security exempts messages that match certain patterns from normal detection scanning.
Add an allowed pattern
To create a new allowed pattern:
Log in to the Area 1 dashboard.
Go to Settings (the gear icon).
On Email Configuration, go to Allow List > Allowed Patterns.
Select + New Pattern.
Enter the pattern information:
Allowed Pattern: Enter one of the following types of pattern:
- Email addresses, which must be a valid email.
- IP addresses, which can only be IPv4. IPv6 and CIDR are invalid entries.
- Regular expressions, which must be valid Java expressions.
Allow Type: Choose one or more of the following types:
- Trusted Sender: Messages will bypass all detections and link following by Area 1. Typically, only applies to phishing simulations from vendors such as KnowB4.
- Exempt Recipient: Will exempt messages from all Area 1 detections intended for recipients matching this pattern (email address or regular expression only). Typically, this only applies to submission mailboxes for user reporting to security.
- Acceptable Sender: Will exempt messages from the
Spam
,Spoof
, andBulk
dispositions (but notMalicious
orSuspicious
). Commonly used for external domains and sources that send mail on behalf of your organization, such as marketing emails or internal tools.
Notes: Provide additional notes about the allowed pattern.
If you chose Trusted Sender or Acceptable Sender in the previous step, you will be able to choose whether to verify the sender. When the Verify Sender option is selected, the allow list entry will only be honored if it aligns with a passing authentication by DMARC or SPF or DKIM.
Select Save.
CSV uploads
You can also upload a CSV file of multiple allowed patterns. The CSV file must be smaller than 150 KB, start with a header row of all required values, and contain no additional fields.
An example file would look like this:
Pattern, Notes, Verify Email, Trusted Sender, Exempt Recipient, Acceptable Senderwhale@notaphish.com, not a phish, true, true, false, true