Knowledge Base

How to add an exception for the CodeTwo software in a transport rule

Problem:

You use an Exchange transport rule to block or filter messages that do not meet specific conditions. You want to exclude messages processed by CodeTwo Email Signatures for Office 365 from this rule to ensure that the mail flow through CodeTwo is not affected or blocked.

Solution:

When you define an exception for messages processed by CodeTwo Email Signatures for Office 365, we recommend using the name of the header (X-CodeTwoProcessed) that is added to each such message. Thanks to that, your exception will work with maximum reliability (when compared to using an IP address of the CodeTwo service which may change in the future).

To add the exception for the CodeTwo service correctly, you need to:

  1. Edit your rule in the Exchange Online admin center.
  2. Click the add exception button and select A message header > matches these text patterns from the drop-down list.
  3. Click Enter text and type X-CodeTwoProcessed as the header name.
  4. Next, click Enter text patterns, type true in the text field, and click the plus sign.
  5. The configuration of the new exception should be exactly the same as shown in Fig. 1.

Correct configuration of the exception.
Fig. 1. Correct configuration of the exception.

Important

To further improve security and implement its secure by default framework, Microsoft has disabled the following override mechanisms which you could use for email whitelisting in the past:

  • Allowed sender lists or allowed domain lists (anti-spam policies)
  • Outlook Safe Senders (list)
  • IP Allow List (connection filtering)

With this change, Microsoft recommends that from now on, you should start whitelisting messages with advanced delivery policies and not transport rules. So, to ensure uninterrupted mail flow, you need to reflect the configuration for filtering unwanted messages from a transport rule (like the one discussed above) in your advanced delivery policy.

You can access the advanced delivery policies feature in the Microsoft 365 Defender portal.

See also

Was this information useful?