Cloudflare Docs
Area 1 Email Security
Visit Area 1 Email Security on GitHub
Set theme to dark (⇧+D)

Allowed patterns

When you set up allowed patterns, Cloudflare Area 1 email security exempts messages that match certain patterns from normal detection scanning.

​​ Add an allowed pattern

To create a new allowed pattern:

  1. Log in to the Area 1 dashboard.

  2. Go to Settings (the gear icon).

  3. On Email Configuration, go to Allow List > Allowed Patterns.

  4. Select + New Pattern.

  5. Enter the pattern information:

    • Allowed Pattern: Enter one of the following types of pattern:

      • Email addresses, which must be a valid email.
      • IP addresses, which can only be IPv4. IPv6 and CIDR are invalid entries.
      • Regular expressions, which must be valid Java expressions.
    • Allow Type: Choose one or more of the following types:

      • Trusted Sender: Messages will bypass all detections and link following by Area 1. Typically, only applies to phishing simulations from vendors such as KnowB4.
      • Exempt Recipient: Will exempt messages from all Area 1 detections intended for recipients matching this pattern (email address or regular expression only). Typically, this only applies to submission mailboxes for user reporting to security.
      • Acceptable Sender: Will exempt messages from the Spam, Spoof, and Bulk dispositions (but not Malicious or Suspicious). Commonly used for external domains and sources that send mail on behalf of your organization, such as marketing emails or internal tools.
    • Notes: Provide additional notes about the allowed pattern.

  6. Choose whether to Verify Sender, which applies the Spoof disposition for emails failing the SPF/DKIM/DMARC domain policy (only applicable for Trusted Sender and Acceptable Sender).

  7. Select Save.

​​ CSV uploads

You can also upload a CSV file of multiple allowed patterns. The CSV file must be smaller than 150 KB, start with a header row of all required values, and contain no additional fields.

An example file would look like this:

Pattern, Notes, Verify Email, Trusted Sender,
Exempt Recipient, Acceptable Sender
[email protected], not a phish, true, true, false, true