How to whitelist trusted senders and domains in Emailguard without errors

If you’re tired of legit emails landing in the spam folder or important clients getting blocked, you’re not alone. Email filtering is great—until it’s not. This guide is for anyone using Emailguard who just wants to whitelist trusted senders and domains without the usual headaches, gotchas, or vague advice.

Let’s get your email filters working for you, not against you.


Before You Start: What Whitelisting in Emailguard Really Does

Whitelisting means telling Emailguard, “Hey, let these senders or domains through—no matter what.” That’s powerful, but it’s also risky if you’re not careful.

  • Upside: Trusted senders don’t get blocked or sent to spam.
  • Downside: If you whitelist carelessly, you’re opening the door for spam or phishing from those sources, especially if an account gets compromised.

So, only whitelist what absolutely needs to be whitelisted. Less is more.


Step 1: Gather What You Need

Before you even log in, make a quick list:

  • Exact email addresses (e.g., person@company.com)
  • Trusted domains (e.g., @trustedvendor.com)
  • A short reason for each (for your future self or compliance)

Pro tip: Double-check spellings. Typos in whitelists are sneaky and annoying. Also, resist the urge to wildcard entire domains unless you really trust everyone at that company.


Step 2: Log Into the Emailguard Admin Console

Obvious, but don’t skip this—you need admin access.

  • Head to the Emailguard login page.
  • Use your admin credentials.
  • If you’re not an admin, stop here and talk to whoever handles your email security.

Heads-up: Some organizations have multiple admins or delegated roles. Make sure you have the right permissions to manage global or user-level whitelists.


Step 3: Find the Whitelist Settings

This is where most people get confused, because Emailguard calls it different things depending on your version or setup. Look for:

  • “Allow List” or “Safe Senders” (sometimes under “Policies” or “Filtering Rules”)
  • In some versions, it’s under “Inbound Protection” or “Spam Settings”

If you can’t find it, use the search bar in the admin console. Still lost? Check Emailguard’s docs or ask support (don’t waste an hour clicking through every menu).


Step 4: Decide—Global or User-Level Whitelist?

You can usually whitelist for:

  • Everyone: (Global) All users in your organization get the rule.
  • Single user or group: Use this if only a few people need a sender whitelisted.

Be careful: Global whitelisting is powerful but dangerous—if you mess up, everyone is affected. When in doubt, start narrow.


Step 5: Add Senders and Domains (The Right Way)

Now, the nitty-gritty. Here’s exactly how to enter addresses and domains without screwing it up:

For Individual Senders

  • Enter the full email address: jane.doe@partner.com
  • Don’t add spaces or extra punctuation.
  • Avoid wildcards (*) unless the documentation specifically says it’s supported (and you understand the risk).

For Entire Domains

  • Enter as @domain.com (with the @ at the start, if required by Emailguard).
  • Double-check: Some systems want just domain.com, others need the @. Read the on-screen instructions.
  • Never whitelist @gmail.com, @outlook.com, or other public domains. That’s asking for spam.

Why You Should Avoid Wildcards

Wildcards like *@domain.com are tempting, but unless everyone at that domain is rock-solid trustworthy, you’re making yourself vulnerable. Stick to named addresses or, at most, specific business domains you control.


Step 6: Save and Apply Changes

Sounds basic, but lots of people miss this step and wonder why nothing works.

  • Click Save or Apply (the button might be labeled differently).
  • Some setups need you to “publish” or “commit” changes—watch for prompts.
  • Wait a minute or two for changes to take effect.

Pro tip: If your whitelisting isn’t working after this, refresh the page and check that your entries actually saved.


Step 7: Test the Whitelist

Don’t trust that it worked—prove it.

  • Ask the whitelisted sender to send a test email.
  • Check your inbox and spam folder.
  • If it’s still not coming through, double-check:
  • Spelling of the address or domain
  • Whether you added it at the global or user level
  • That you saved and published the changes

If it’s still busted, check for conflicting rules (like a blocklist entry for the same domain).


Step 8: Keep Your Whitelist Tight and Up-to-Date

Whitelists are not “set and forget.” Review them every few months, or when:

  • Staff leave or roles change
  • Vendors change domains
  • You see weird or unexpected spam

Remove anything you no longer need. The fewer entries, the safer you are.


Common Mistakes (And How to Dodge Them)

Let’s be real: Most whitelisting errors are human errors. Here’s what to watch out for:

  • Whitelisting entire public domains (like @gmail.com): You’ll get buried in spam.
  • Typos: @trusetdvendor.com isn’t going to help anyone.
  • Whitelisting without testing: Don’t assume it works—always send a test email.
  • Ignoring audit logs: If something changes or goes wrong, check the logs to see who did what.
  • Not documenting: Keep a simple doc of what you whitelisted and why. You’ll thank yourself later.

What Actually Works (And What Doesn’t)

  • Works: Whitelisting only what you must, testing every change, and reviewing regularly.
  • Doesn’t work: Whitelisting every vendor “just in case,” ignoring the whitelist for years, or assuming wildcards are safe.

Ignore any advice that tells you to “just whitelist the whole domain for convenience.” That’s like leaving your front door unlocked because you’re tired of using your keys.


Wrapping Up: Keep It Simple, Stay Safe

Whitelisting trusted senders and domains in Emailguard isn’t rocket science, but it’s easy to mess up if you rush or get lazy. The best approach? Whitelist only what you need, double-check your entries, and revisit your list regularly. Less is more—and your inbox (and IT team) will thank you for it.