API Reference

Email Security

Settings

Allow Policies

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Create an email allow policy

email_security.settings.allow_policies.create(AllowPolicyCreateParams**kwargs) -> AllowPolicyCreateResponse

POST/accounts/{account_id}/email-security/settings/allow_policies

Creates a new email allow policy that permits specific senders, domains, or patterns to bypass security scanning.

Security

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Cloud Email Security: Write

ParametersExpand Collapse

account_id: str

Account Identifier

maxLength32

minLength32

is_acceptable_sender: bool

Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions. Note: This will not exempt messages with Malicious or Suspicious dispositions.

is_exempt_recipient: bool

Messages to this recipient will bypass all detections.

is_regex: bool

is_trusted_sender: bool

Messages from this sender will bypass all detections and link following.

pattern: str

maxLength1024

minLength1

pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]

One of the following:

"EMAIL"

"DOMAIN"

"IP"

"UNKNOWN"

verify_sender: bool

Enforce DMARC, SPF or DKIM authentication. When on, Email Security only honors policies that pass authentication.

comments: Optional[str]

maxLength1024

Deprecatedis_recipient: Optional[bool]

Deprecatedis_sender: Optional[bool]

Deprecatedis_spoof: Optional[bool]

ReturnsExpand Collapse

class AllowPolicyCreateResponse: …

id: int

The unique identifier for the allow policy.

formatint32

created_at: datetime

formatdate-time

is_acceptable_sender: bool

Messages from this sender will be exempted from Spam, Spoof and Bulk dispositions. Note: This will not exempt messages with Malicious or Suspicious dispositions.

is_exempt_recipient: bool

Messages to this recipient will bypass all detections.

is_regex: bool

is_trusted_sender: bool

Messages from this sender will bypass all detections and link following.

last_modified: datetime

formatdate-time

pattern: str

maxLength1024

minLength1

pattern_type: Literal["EMAIL", "DOMAIN", "IP", "UNKNOWN"]

One of the following:

"EMAIL"

"DOMAIN"

"IP"

"UNKNOWN"

verify_sender: bool

Enforce DMARC, SPF or DKIM authentication. When on, Email Security only honors policies that pass authentication.

comments: Optional[str]

maxLength1024

Deprecatedis_recipient: Optional[bool]

Deprecatedis_sender: Optional[bool]

Deprecatedis_spoof: Optional[bool]

Create an email allow policy

Python

HTTP

TypeScript

Python

Go

Terraform

import os
from cloudflare import Cloudflare

client = Cloudflare(
    api_email=os.environ.get("CLOUDFLARE_EMAIL"),  # This is the default and can be omitted
    api_key=os.environ.get("CLOUDFLARE_API_KEY"),  # This is the default and can be omitted
)
allow_policy = client.email_security.settings.allow_policies.create(
    account_id="023e105f4ecef8ad9ca31a8372d0c353",
    is_acceptable_sender=False,
    is_exempt_recipient=False,
    is_regex=False,
    is_trusted_sender=True,
    pattern="test@example.com",
    pattern_type="EMAIL",
    verify_sender=True,
)
print(allow_policy.id)

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": 2401,
    "created_at": "2019-12-27T18:11:19.117Z",
    "is_acceptable_sender": true,
    "is_exempt_recipient": true,
    "is_regex": true,
    "is_trusted_sender": true,
    "last_modified": "2019-12-27T18:11:19.117Z",
    "pattern": "x",
    "pattern_type": "EMAIL",
    "verify_sender": true,
    "comments": "comments",
    "is_recipient": true,
    "is_sender": true,
    "is_spoof": true
  },
  "success": true
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": 2401,
    "created_at": "2019-12-27T18:11:19.117Z",
    "is_acceptable_sender": true,
    "is_exempt_recipient": true,
    "is_regex": true,
    "is_trusted_sender": true,
    "last_modified": "2019-12-27T18:11:19.117Z",
    "pattern": "x",
    "pattern_type": "EMAIL",
    "verify_sender": true,
    "comments": "comments",
    "is_recipient": true,
    "is_sender": true,
    "is_spoof": true
  },
  "success": true
}