Breadcrumbs

Anti-Spam Blocklist & Allowlist

📌 Terminology update

Retarus is replacing the terms blacklist and whitelist with blocklist and allowlist to avoid potentially offensive language. We are updating these terms across all systems and documentation. During this transition period, you may still encounter the previous terminology in some areas.

Anti-Spam Detection lets you control how the system handles messages from specific senders, recipient addresses, domains, or IP addresses by managing two lists:

  • Allowlist
    Always allows matching messages to bypass spam filtering.

  • Blocklist
    Quarantines or blocks matching messages, depending on your configuration.

Use Anti-Spam Detection when you want to explicitly trust or block email traffic, regardless of the original spam verdict.

You can configure Anti-Spam Detection lists at the company, profile, and user levels.

Where to find Anti-Spam Detection

You can access Anti-Spam Detection from both myEAS and EAS.

  • myEAS
    Email Security - Administration - List Management - Anti-Spam Detection

  • EAS
    Administration - Email Services - Anti-Spam Allow-/Blocklist

In both cases, the Anti-Spam Detection List Management view opens where you can choose which list to manage: Allowlist or Blocklist.

image-20260408-115819.png

Required permissions

To access and manage Anti-Spam Detection, you must have the following permissions:

  • Access to Anti-Spam Block- and Allowlist

  • Access to Service settings

Administrator accounts receive both permissions automatically. For staff users, you must explicitly enable these permissions:

  1. Go to Classic EAS - User - Email.

  2. Set both settings to Yes.

  3. Save your changes.

image-20260408-120359.png

Supported entry types by level

Level

Email address

Domain

IPv4 address

Company

yes

yes

yes

Profile

yes

yes

yes

User

yes

yes

no

Anti-Spam Blocklist

Use the Blocklist to automatically reject messages from specific senders. When you add a sender to the Blocklist, the system rejects messages from that sender. You can block:

  • Individual email addresses

  • Entire domains

  • IPv4 addresses (company and profile levels only)

image-20260225-155513.png

Anti-Spam Allowlist

Use the Allowlist to trust specific senders. When you add a sender to the Allowlist:

  • The system accepts the message.

  • The system skips spam checks.

  • The system still scans the message for malware using Retarus AntiVirus.

You can allow:

  • Individual email addresses

  • Entire domains

  • IPv4 addresses (company and profile levels only)

image-20260225-155828.png

Managing entries

The Blocklist and Allowlist use the same interface and workflow. The list contains the following fields and options:

Field/option

Description

Search field

Filter entries by value.

Comment

Optional description.

Last modified on

Date and time of the last update.

Checkboxes

Select entries for deletion.

Action icons

  • image-20260225-143635.png : Add multiple entries

  • image-20260225-143711.png : Add a single entry

  • image-20260225-143751.png : Delete selected entries

Add a single entry

  1. Click image-20260225-143711.png .
    → The Create Entry page opens.

image-20260225-152916.png

  1. Enter the value.

  2. Optional: Enter a comment.

  3. Save your changes.

Add multiple entries

Adding multiple entries involves three steps.

Step 1: enter entries

  1. Click image-20260225-143635.png .

  2. Enter your values in the text area.

    • You can paste a list of email addresses or domains.

    • Separate entries with spaces, commas, semicolons, or line breaks.

image-20260225-152650.png

  1. Click Next.

Step 2: review the list

  1. Review the detected entries.

  2. Optional: Click the pencil icon to edit a value or add a comment.

image-20260225-152734.png

  1. Click Next.

Step 3: save the list

  1. Review the summary.

image-20260225-152826.png

  1. Click Save to save the entries.

Filter entries

  1. Enter a value in the search field.
    → The list updates automatically.

image-20260225-153035.png

Delete entries

  1. Select one or more entries using the checkboxes.

  2. Click image-20260225-143751.png .

  3. Confirm the deletion.

image-20260225-153123.png

Matching rules & wildcards

The matching rules and wildcard behavior apply to both the Blocklist and the Allowlist. The system evaluates entries using the same logic, regardless of which list you use. The only difference is how the system handles the result:

  • If a match occurs on the Blocklist, the system rejects the message.

  • If a match occurs on the Allowlist, the system accepts the message and skips spam checks.

These rules apply to company-level and profile-level lists unless stated otherwise.

If you enter

System interprets it as

Example matched

Notes

user@example.com

Matches only this address

user@example.com

Matches only this address

@example.com

Exact domain match

user@example.com

Does not match subdomains

*example.com

Suffix match

user@hr.example.com

May also match user@fakeexample.com

*_test@example.com

Wildcard in local part + exact domain

user_test@example.com

Wildcard applies only to the local part

.example.com

Subdomain match

user@hr.example.com

Does not match user@example.com

192.168.1.10

Exact IPv4 match

192.168.1.10

IPv6 is not supported.

📌 Use wildcards carefully. A suffix match (for example, *example.com) may also match similarly named domains.

Scope and limitations

  • IPv6 addresses are not supported.

  • At the user level, you can add only email addresses and domains (no IP addresses).

  • The Allowlist takes precedence over the Blocklist. If the same sender appears on both lists, the system allows the message.

  • Domain matching behavior applies to company-level and profile-level lists.

  • You can use the same email and domain formats for CxO Fraud Detection if it is configured to use the global Anti-Spam Allowlist.

  • IPv4 addresses are not supported for CxO Fraud Detection.