Views:

The Approved Header Field List for Gmail specifies the header field criteria for email messages in Gmail to bypass policy scanning when a message matches any of the criteria.

If you want certain email messages to skip scanning by all policies, for example, to do a phishing simulation campaign via email, you can create a global approved list so messages that match the header field criteria will not be scanned by all enabled Advanced Threat Protection and Data Loss Prevention policies for Gmail and will be delivered to the intended recipients.

  1. Go to Administration > Global Settings > Approved Header Field List for Gmail.
  2. Select Enable the approved header field list for Gmail.

    You can configure the list first and enable it later when you need to.

  3. Specify a header field name in the Name text box and a value for the field in the Value text box, and select Contains or Equals as necessary.
  4. Click Add.

    The specified entry appears in the area below.

    When the specified header field of an email message contains or exactly matches with the specified value depending on whether Contains or Equals is selected, the message will not be scanned by all enabled ATP and DLP policies for Gmail.

    Note:

    Be aware that Name and Value are case sensitive, and wildcard characters and regular expressions are not supported.

    The header field name and value cannot exceed 128 characters.

  5. Optionally repeat steps 3 and 4 to add another header field as necessary.

    The email message whose header field hits any of the specified entries will bypass policy scanning.

    Note:

    A maximum of 10 header fields is supported.

  6. (Optional) To delete a specified header field, select it from the list and click Delete.
  7. Click OK.
Parent topic: Global Settings