The Blocklist policy is a critical security feature that cannot be deactivated. This article explains how to create domain exemptions for trusted domains that may be inadvertently blocked and how to manage these exemptions effectively.

Important Security Considerations

Ensure you understand the following advice before creating a blocklist exemption:

• Domain exemptions should be created only when legitimate business communications are being blocked
• Use domain exemptions with extreme caution
• Each domain exemption added reduces your organization's overall protection level
• Only exempt trusted domains with which your organization has a business need to communicate

Adding Domain Exemptions

To exempt a trusted domain from the Blocklist policy, follow the steps below:

1. Log in to the Prevent dashboard.
2. Navigate to Prevent Settings > Policies > Blocklist > Manage Policy.
3. Select + Add Domain Exemption.
4. In the pop-up window, enter the required information:
   1. Exempt domain
   2. Exemption reason
5. Confirm that you wish to allow users to email this domain
6. Click Save.

Removing Domain Exemptions

To remove a domain exemption, follow the steps below:

1. Log in to the Prevent dashboard.
2. Navigate to Prevent Settings > Policies > Blocklist > Manage Policy.
3. Locate the domain exemption you wish to remove.
4. Select Delete on the line entry of the domain.
5. Select Delete in the confirmation pop-up window to finalize the removal.

Best Practice

To maintain optimal security while using blocklist exemptions, establish a regular review process for all domain exemptions to verify their necessity. When creating exemptions, thoroughly document the specific business justification with relevant details explaining why the exemption is required. Once a specific domain exemption is no longer needed, promptly remove these exemptions to restore full protection for your organization. This disciplined approach to exemption management helps balance security requirements with legitimate business communications.