How to Add Safe Senders and Block Lists in Proofpoint

Sender lists in Proofpoint control which emails bypass spam filtering (Safe Senders) and which are automatically blocked (Blocked Senders). Properly managing these lists ensures legitimate emails are delivered while known bad actors are blocked.

Prerequisites

Before managing sender lists, ensure you have:

• Administrator access to Proofpoint Essentials (for organization/group lists)
• End user access to Proofpoint (for personal lists)
• List of trusted senders or domains to allowlist
• List of known spam sources to blocklist

Understanding Sender List Hierarchy

Proofpoint processes sender lists in this order:

Key Points:

• User settings override group settings
• Group settings override organization settings
• Entries can be email addresses, domains, or IP addresses

Step 1: Access Sender Lists (Administrator)

Organization-Level Lists

1. Log in to the Proofpoint Essentials Admin Console
2. Navigate to Security Settings in the left sidebar
3. Click Email
4. Select Sender Lists
5. You'll see two sections:
   • Blocked Senders List (top)
   • Safe Senders List (bottom)

Group-Level Lists

1. Navigate to Users & Groups > Groups
2. Select the group to modify
3. Click Sender Lists in the group settings
4. Manage Safe and Blocked lists for that group

Step 2: Add Entries to the Safe Senders List

Adding Individual Addresses

1. In Sender Lists, scroll to Safe Senders List
2. Enter email addresses in the text box, one per line:

[email protected]
[email protected]
[email protected]

3. Click Save to apply changes

Adding Domains (Wildcards)

To allow all emails from a domain:

*@trustedcompany.com
*@vendor-notifications.com

Warning: Adding entire domains is less secure than individual addresses. Only use for highly trusted sources.

Adding IP Addresses

For server-level allowlisting:

192.168.1.100
203.0.113.0/24

IP Format Options:

Step 3: Add Entries to the Blocked Senders List

Blocking Individual Senders

1. Scroll to Blocked Senders List
2. Enter addresses to block:

[email protected]
[email protected]

3. Click Save

Blocking Entire Domains

*@spam-domain.com
*@known-malicious.net

Blocking IP Ranges

For blocking mail servers:

198.51.100.0/24

Step 4: Manage User-Level Sender Lists

Admin View of User Lists

Administrators can view and modify individual user lists:

1. Navigate to Users & Groups > Users
2. Search for and click on the user
3. Click the Sender Lists option
4. Review and modify their personal lists
5. Click Save

User Self-Management via Portal

End users can manage their own lists:

1. Log in to the Proofpoint User Portal
2. Click Lists in the navigation
3. Select Safe Senders List or Blocked Senders List
4. Add or remove entries
5. Click Save

User Self-Management via Digest

Users can add senders directly from quarantine digests:

• Allow Sender - Adds sender to Safe list
• Block Sender - Adds sender to Blocked list
• Release and Allow Sender - Releases email AND adds to Safe list

Step 5: Import Bulk Entries

For large-scale list management:

Prepare Import File

Create a CSV or text file with entries:

# safe_senders.txt
[email protected]
[email protected]
*@trusted-supplier.com
[email protected]

Import Process

1. In Sender Lists, look for Import or Bulk Add option
2. Upload your file
3. Select the target list (Safe or Blocked)
4. Review the import preview
5. Click Import to apply

Note: Import options vary by Proofpoint version. Contact support if bulk import isn't visible.

Step 6: Export Current Lists

For backup or audit purposes:

1. Navigate to Sender Lists
2. Click Export (if available)
3. Select the list to export
4. Download the file

Manual Export

If no export feature exists:

1. View the sender list
2. Select and copy all entries
3. Paste into a spreadsheet
4. Save for records

Common Safe Sender Scenarios

Business Partners

# Trusted vendors and partners
*@primaryvendor.com
[email protected]
[email protected]

SaaS Applications

# Business applications
*@salesforce.com
*@slack.com
*@zoom.us
[email protected]
[email protected]

Marketing and Newsletter Platforms

# Opted-in marketing sources
*@mailchimp.com
*@constantcontact.com
[email protected]

Internal Systems

# Internal automated systems
[email protected]
[email protected]

Common Block List Scenarios

Known Spam Sources

# Persistent spam senders
*@spam-domain.com
*@mass-mailer-spam.net

Competitor Domains (Optional)

Some organizations block competitor communications:

# Competitive blocking (use cautiously)
*@competitor.com

Former Employee Domains

After acquisitions or separations:

# Legacy domains no longer trusted
*@old-company-domain.com

Best Practices for Sender Lists

Safe Senders Best Practices

1. Prefer specific addresses over domains - More secure
2. Document why entries were added - Track business justification
3. Review quarterly - Remove outdated entries
4. Verify legitimacy first - Confirm sender identity before adding
5. Don't over-whitelist - Each entry is a potential security gap

Blocked Senders Best Practices

1. Block domains for persistent spam - More effective than individual addresses
2. Use for confirmed threats only - Avoid blocking legitimate senders
3. Document source of block decision - Track why addresses were blocked
4. Review for false positives - Check if legitimate mail is affected
5. Coordinate with IT security - Align with broader threat intelligence

What NOT to Add to Safe Senders

Troubleshooting Sender List Issues

Emails Still Being Quarantined

Symptoms: Added sender to Safe list but emails still quarantined.

Solutions:

1. Verify exact address/domain spelling
2. Check for conflicting entries at other levels
3. Allow 15-30 minutes for propagation
4. Verify entry was saved (refresh the page)
5. Check if message is blocked for malware (bypasses Safe list)

Emails From Blocked Sender Delivered

Symptoms: Blocked sender emails are still arriving.

Solutions:

1. Verify exact address/domain in block list
2. Check for conflicting Safe entries at user/group level
3. Verify domain wildcards are correct (*@domain.com)
4. Check if sender is using different addresses/domains

Cannot Modify Sender Lists

Symptoms: Unable to add or remove entries.

Solutions:

1. Verify you have administrator permissions
2. Check if your role allows sender list management
3. Try logging out and back in
4. Contact your Proofpoint administrator or support

Auditing Sender Lists

Regular audits ensure lists remain effective:

Monthly Audit Checklist

• Review all organization-level entries
• Remove entries for departed vendors/partners
• Verify block entries are still relevant
• Check for overly broad domain wildcards
• Document any changes made

Audit Report Template

Processing Order Reference

When an email arrives, Proofpoint checks lists in this order:

1. User Blocked List - If matched, quarantine/reject
2. User Safe List - If matched, skip spam filter
3. Group Blocked List - If matched, quarantine/reject
4. Group Safe List - If matched, skip spam filter
5. Organization Blocked List - If matched, quarantine/reject
6. Organization Safe List - If matched, skip spam filter
7. Standard spam filtering - If no list match

Next Steps

After configuring sender lists:

1. Configure email filtering - Set up filter policies
2. Manage quarantine - Handle quarantined messages
3. Enable URL Defense - Protect against malicious links
4. Configure DLP - Prevent data loss

Additional Resources

• Proofpoint Setting Up Sender Lists
• Editing Safe and Blocked Sender Lists

Need help managing your Proofpoint email security? Inventive HQ provides expert email security configuration and ongoing management services. Contact us for a free security assessment.