Product manual
GFI MailEssentials 6 Email Security | 99
Screenshot 53: HTML Sanitizer Whitelist page
2. In Whitelist entry, key in an email address, an email domain (for example, *@domain.com) or an
email sub-domain (for example, *@*.domain.com) and click Add.
NOTE
To remove an entry from the HTMLSanitizer whitelist, select an entry and click
Remove.
3. Click Apply.
6.5.3 HTMLSantizer Domain\IPExclusions
The HTMLSantizer Domain\IPExclusions feature enables administrators to specify IPaddresses or
domains to exclude from HTMLSanitizer. This will not simply use an IP address list; it can also support
domain addresses, which are then resolved at runtime, so that all the IP addresses for the domain in
question are obtained. This is done in two ways:
1. By default, the feature queries the MX records of the domain being processed
2. Optionally,you can choose to have the SPF record of the domain queried. If the domain doesn’t
have an SPF record, the SPF part is ignored and only the MX records are used.
If the IP address from where the email originated (the one which sent to the perimeter server) is an IP
listed in the Domains\IPs exclusions tab or resolved from a domain in the same list, then the email is
not processed by HTML Sanitizer. This is a sort of IP Whitelist but with the additional benefit of