The Approved Header Field List for Gmail specifies the header field criteria for
email messages in Gmail to bypass policy scanning when a message matches any of the
criteria.
If you want certain email messages to skip scanning by all policies, for example,
to
do a phishing simulation campaign via email, you can create a global approved list
so messages that match the header field criteria will not be scanned by all enabled
Advanced Threat Protection and Data Loss Prevention policies for Gmail and will be
delivered to the intended recipients.
Procedure
- In Cloud Email and Collaboration Protection, go to , click Gmail, and locate the Approved Header Fields section.
- Enable the approved header field list for Gmail.You can configure the list first and enable it later when you need to.
- Specify a header field name in the Name text box and a value for the field in the Value text box, and select Contains or Equals as necessary.
- Click Add.The specified entry appears in the area below.When the specified header field of an email message contains or exactly matches with the specified value depending on whether Contains or Equals is selected, the message will not be scanned by all enabled ATP and DLP policies for Gmail.
Note
Be aware that Name and Value are case sensitive, and wildcard characters and regular expressions are not supported.The header field name and value cannot exceed 128 characters. - Optionally add another header field as necessary.The email message whose header field hits any of the specified entries will bypass policy scanning.
Note
A maximum of 50 header fields is supported. - (Optional) To delete a specified header field, select it from the list and click Delete.
- Click OK.