Knowledge Base

How to add an exception for the CodeTwo software in a transport rule


You use an Exchange transport rule to block or filter messages that do not meet specific conditions. You want to exclude messages processed by CodeTwo Email Signatures 365 from this rule to ensure that the mail flow through CodeTwo is not affected or blocked.


When you define an exception for messages processed by CodeTwo Email Signatures 365, we recommend using the name of the header (X-CodeTwoProcessed) that is added to each such message. Thanks to that, your exception will work with maximum reliability (when compared to using an IP address of the CodeTwo service which may change in the future).

To add the exception for the CodeTwo service correctly, you need to:

  1. Select your rule in the Exchange admin center.
  2. In the pane that opens, click the Edit rule conditions button.
  3. In the Except if section, select The message headers > matches these text patterns. If your rule already contains an exception, click + to add another one.
  4. Click Enter text and type X-CodeTwoProcessed as the header name.
  5. Next, click Enter words, type true in the text field, and click the Add button.
  6. The configuration of the new exception should be exactly the same as shown in Fig. 1.

Correct configuration of the exception.
Fig. 1. Correct configuration of the exception.


To further improve security and implement its secure by default framework, Microsoft has disabled the following override mechanisms which you could use for email whitelisting in the past:

  • Allowed sender lists or allowed domain lists (anti-spam policies)
  • Outlook Safe Senders (list)
  • IP Allow List (connection filtering)

With this change, Microsoft recommends that from now on, you should start whitelisting messages with advanced delivery policies and not transport rules. So, to ensure uninterrupted mail flow, you need to reflect the configuration for filtering unwanted messages from a transport rule (like the one discussed above) in your advanced delivery policy.

You can access the advanced delivery policies feature in the Microsoft Defender XDR (Microsoft 365 Defender) portal.

See also

Was this information useful?