Sometimes administrators wish to trust email from certain addresses to avoid scanning messages to either save resources or avoid false positives. The safe list provides a convenient location to list safe and trusted email addresses that these applications will check before scanning email.
Global Safe List
Per-User Safe List
Each user/email address also has their own safe list. For example, lets assume "[email protected]" has a quarantine that they manage via the quarantine application. In the quarantine application they can add addresses to their own safe list.
For example, [email protected] may add "[email protected]" to their safelist. All email from "[email protected]" to "[email protected]" will automatically be passed as safelisted, while email from "[email protected]" to other users will be scanned as normal.
Per-User safe lists provide a mechanism to deal with false positives that won't effect the overall false negative rate of other user/emails.
Emails can be specified using Glob Matcher syntax so, for example, you can safe list entire domains as "[email protected]" Also, note that a user/email can add "*" to their Per-User safe list to entirely disable spam/phish scanning for emails to them.
Users can edit their own Per-User safe list in the quarantine web application. Administrators can view/edit/purge users's safe lists in the administration UI.