AntiSpam Block- and Allowlists

📌 Terminology update

Retarus is replacing the terms “blacklist” and “whitelist” with “blocklist” and “allowlist” to avoid potentially offensive language. We are updating these terms across all systems and documentation. During this transition period, you may still encounter the previous terminology in some areas.

Where to find AntiSpam Detection

You can manage AntiSpam lists in the following locations:

• myEAS (company level)
  Email Security - Administration - List Management - AntiSpam Detection

• EAS
  Administration - Email Services - Black- and whitelists

You can configure AntiSpam lists at the company, profile, and user levels.

Required permissions

To access this functionality, you must have the following permissions:

• Access to AntiSpam Black- and Whitelist

• Access to Service settings

Administrator accounts receive both permissions automatically. For staff users, you must explicitly enable these permissions:

1. Go to Classic EAS - User - Email.

2. Set both settings to Yes.

Supported entry types by level

AntiSpam Blocklist

Use the Blocklist to automatically reject messages from specific senders. When you add a sender to the Blocklist, the system rejects messages from that sender. You can block:

• Individual email addresses

• Entire domains

• IPv4 addresses (company and profile levels only)

AntiSpam Allowlist

Use the Allowlist to trust specific senders. When you add a sender to the Allowlist:

• The system accepts the message.

• The system skips spam checks.

• The system still scans the message for malware using Retarus AntiVirus.

You can allow:

• Individual email addresses

• Entire domains

• IPv4 addresses (company and profile levels only)

Managing entries

The Blocklist and Allowlist use the same interface and workflow. The list contains the following fields and options:

Add a single entry

1. Click .
   → The Create Entry page opens.

2. Enter the value.

3. Optional: Enter a comment.

4. Save your changes.

Add multiple entries

Adding multiple entries involves three steps.

Step 1: enter entries

1. Click .

2. Enter your values in the text area.

   • You can paste a list of email addresses or domains.

   • Separate entries with spaces, commas, semicolons, or line breaks.

3. Click Next.

Step 2: review the list

1. Review the detected entries.

2. Optional: Click the pencil icon to edit a value or add a comment.

3. Click Next.

Step 3: save the list

1. Review the summary.

2. Click Save to save the entries.

Filter entries

1. Enter a value in the search field.
   → The list updates automatically.

Delete entries

1. Select one or more entries using the checkboxes.

2. Click .

3. Confirm the deletion.

Matching rules & wildcards

The matching rules and wildcard behavior apply to both the Blocklist and the Allowlist. The system evaluates entries using the same logic, regardless of which list you use. The only difference is how the system handles the result:

• If a match occurs on the Blocklist, the system rejects the message.

• If a match occurs on the Allowlist, the system accepts the message and skips spam checks.

These rules apply to company-level and profile-level lists unless stated otherwise.

📌 Use wildcards carefully. A suffix match (for example, *example.com) may also match similarly named domains.

Scope and limitations

• IPv6 addresses are not supported.

• At the user level, you can add only email addresses and domains (no IP addresses).

• The Allowlist takes precedence over the Blocklist. If the same sender appears on both lists, the system allows the message.

• Domain matching behavior applies to company-level and profile-level lists.

• You can use the same email and domain formats for CxO Fraud Detection if it is configured to use the global AntiSpam Allowlist.

• IPv4 addresses are not supported for CxO Fraud Detection.