Notification

Duet AI is now Gemini for Google Workspace. Learn more

Use address lists to apply settings to specific people or domains

Use address lists in spam, content, and routing settings

As an administrator, you can create groups of email addresses and domains called address lists. Address lists let you apply Gmail settings to specific email addresses or domains. Use an address list when you want to exclude select addresses or domains from settings, or apply settings to messages from or to select addresses or domains

These Gmail settings use address lists:

You can use any address list in any of these settings. Address lists can be used in more than one setting.

Create and manage address lists from the Manage address lists page in the Admin console. You can also manage address lists from Gmail settings that use lists.

Note: Blocked senders list is a type of address list that's only available in the Blocked senders setting.

Create and manage address lists

Best practices for address lists

Keep these guidelines in mind when managing address lists. For detailed information about these guidelines and how address lists work, read About address list matching, below.

  • Address lists can be used in more than one setting. Changes you make to an address list affect all settings that use that list.
  • Settings can include more than one address list. An address only needs to match one address list in the setting to be considered a match.
  • Gmail checks if the From: sender address matches any addresses or domains in the address lists. Gmail doesn't use the Return-Path: address for address list matching. 
  • Gmail checks the authentication requirement for senders. If multiple address lists are specified, the address must match at least one of the lists.
  • The authentication option is turned on by default for each address or domain. To help protect your domain from spoofing and other malicious attacks, we recommend you always keep this option turned on. Read more in How authentication protects your domain, below.
  • Identical addresses that have different authentication requirements are treated as different addresses.
  • When you edit a list, new or modified addresses are added the list and sorted in alphabetical order. Domains are listed before users.
  • Guidelines for editing address lists:
    • Domain names in these formats are supported: solarmora.com or @solarmora.com
    • Email addresses in standard format are supported: user@solarmora.com
    • Dotted email addresses are not supported: .@solarmora.com
    • The setting will let you enter wildcard email addresses, however the setting logic only matches full email addresses, so entering wildcard addresses has no effect: *@solarmora.com
Create an address list
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. In the Admin console, go to Menu and then Appsand thenGoogle Workspaceand thenGmailand thenRouting.
  3. On the Routing page, click Manage address lists.
  4. At the bottom of the address list table, click Add address list.
  5. Enter a name for the new list.
  6. To add one address at a time, click Add address and enter the email address or domain.
  7. To add multiple addresses at once, click Bulk add addresses, enter comma-separated addresses or domains, then click Add.
  8. Click Save in the Add address list box. Changes can take up to 24 hours but typically happen more quickly. Learn more

You can also create a list from within a Gmail setting that uses address lists:

  1. Point to a setting that uses address lists and click Edit.
  2. In the Edit setting box, find the Address lists option. For some Gmail settings, you must click Show options to display the Address lists option.
  3. Select the Address lists option, then click Create or edit list.
  4. The Manage address lists page opens in a new browser tab. Create address list as described above, then return to the Edit setting box on the original browser tab.
Edit an address list
  1. On the Routing page, click Manage address lists.
  2. Point to the list you want to update, and click Edit.

    You can display up to 1000 addresses or domains per page. The default is 10. Scroll through pages for the next set of addresses or domains.

  3. To add addresses to the list, click Add address or Bulk add addresses.

    Enter one or more addresses or domain names, separated by a comma or space

  4. To remove addresses from the list, point to the address in the list and click Delete.
  5. (Optional) Change the Require sender authentication setting if necessary.
  6. Click Save. Changes can take up to 24 hours but typically happen more quickly. Learn more

You can also edit a list from within a Gmail setting that uses address lists:

  1. Point to a setting that uses address lists and click Edit.
  2. In the Edit setting box, find the Address lists option. For some Gmail settings, you must click Show options to display the Address lists option.
  3. Select the Address lists option, then click Create or edit list.
  4. The Manage address lists page opens in a new browser tab. Edit an address list as described above, then return to the Edit setting box on the original browser tab.
Change the address list used in a Gmail setting

You can change the address lists used in a setting, or add more lists to a single setting:

  1. Point to a Gmail setting that uses address lists and click Edit.
  2. In the Edit setting box, find the address lists option. For some Gmail settings, you must click Show options to display the address list.
  3. Do one of the following:
    • To stop using a list, point to the list name and click Don’t use.
    • To update the lists used in a setting, click Use existing list, and select the lists for the setting. You can select more than one list. Click X to save your changes and close the Select Address Lists box.
    • To use a new list or update a list and use it, click Create or edit list. The Manage address lists page opens in a new browser tab. Create or edit a list, then return to the Add setting box on the original browser tab. Click Use existing list and select the new list. 
Find a domain or email address in an address list

Use the Search feature to locate one or more addresses in a long address list. You can add, edit, or delete list entries when you have a search query in the search box. Changes that don't match the search criteria appear only after you clear the search criteria.

Note: Search is not case sensitive. For example, searching for bert returns results for BertBertrand, and Roberta.

  1. From a Gmail setting or from the Manage address lists page, edit an address list.
  2. At the top of the Edit address list box, enter an email address or domain in the Search address  field.
  3. Enter all or part of an email address or domain. The list is filtered to show only results that match your search query.
  4. (Optional) To clear your search query, click X.

About address list matching

Does address list matching apply to senders or recipients?

For incoming mail when your domain is the recipient, Gmail checks the sender against the address list.

For outgoing mail when your domain is the sender, Gmail checks the recipients against the address list.

Some settings apply address lists to incoming mail, for example Spam and Blocked senders. Some settings apply address lists to incoming and outgoing mail, for example Restrict delivery. Compliance and routing rules let you choose to apply settings to incoming mail, outgoing mail or both.

How does Gmail check senders?

For incoming mail, Gmail checks if the From: sender address matches any addresses or domains in the address lists. Gmail doesn't use the Return-Path: address for address list matching. The From: sender address is typically what's displayed as the sender address in your email inbox. The Return-Path: address is only displayed in the message header.

If the authentication requirement is turned on for the address list, Gmail checks if the sender is authenticated. Learn more about sender authentication.

Note for Email Log Search: Although address list matching is based on the From: sender, Email Log Search displays the Return-path: sender.

How does Gmail check recipients?

For outgoing mail, Gmail checks if messages recipients match any addresses or domains in the address lists. Recipients are addresses in the To:, Cc:, or Bcc: fields.

Gmail checks each recipient independently. If a recipient matches, the rule applies only to the copy of the message destined for that recipient. For example, if a TLS setting address list includes admin@solarmora.com but not help@solarmora.com, only the copy destined for admin@solarmora.com requires TLS.

Gmail ignores the sender authentication requirement when checking recipients.

What happens if I add my own domain to the address list?

If you add your domain to an address list, settings that use the list are applied to your entire domain. To manage delivery of internal messages, we recommend adding individual email addresses to the list, instead of your domain.

Why was an unlisted address considered a match?

Sometimes Gmail identifies a match even if the address isn't in an address list. This is because Gmail standardizes email addresses before checking for matches:

  • Periods and plus signs are removed from usernames
  • Subdomains are removed from email addresses
  • Email addresses are converted to all lowercase letters

For example, these addresses are treated as the same when matching to an address list: admin@solarmora.com, a.d.m.i.n@solarmora.com, admin@support.solarmora.com, Admin@Solarmora.com.

Settings can include multiple address lists. An address only needs to have a match in one address list in the setting to be a match for the setting.

How sender authentication protects your domain

Sender authentication is turned on by default for new address list entries. When sender authentication is on, a sender matches an address list only if their message is authenticated.

Sender authentication applies only to messages received by your domain. It's not applied to messages sent from your domain.

Important: Sender authentication helps protect your domain from spoofed email. When sender authentication is turned off, Gmail can't verify the message was sent by the person it appears to come from. We recommend you always leave the sender authentication option on to help protect your domain from spoofing, spam, and other malicious attacks.

Turn sender authentication on or off for an address or domain

Sender authentication is turned on by default for new address list entries. We don't recommend turning off sender authentication for address list entries. To change the authentication requirement for a sender:

  1. From a Gmail setting or from the Manage address lists page, edit an address list.
  2. In the Edit address list box, point to the address list and click Edit.
  3. Scroll or search to find the address to update.
  4. Turn the authentication requirement on or off, then click Save.
How sender authentication is determined

To verify sender authentication, Gmail checks that at least one of these conditions is met:

  • The message passes SPF and the From: sender matches the Return-path: sender.
  • The message has a valid DKIM signature, and the domain in the signature matches the From: sender.

The From: sender typically appears as the sender address in your email inbox. The Return path: sender usually appears only in the message header.

Subdomains are treated as a match to parent domains. For example, admin@support.solarmora.com is a match to admin@solarmora.com.

Messages must pass DMARC to pass authentication. DMARC requires messages to pass either SPF or DKIM.

Learn more about SPF, DKIM, and DMARC at Help prevent spoofing, phishing, and spam.

What if I need to turn off sender authentication?

The authentication option is turned on by default for addresses and domains in an address list. To help protect your domain from spoofing and other malicious attacks, we recommend you keep this option on.

If you get unauthenticated messages from trusted senders, contact the sender to ask them to fix email authentication issues.

If your domain gets only a small amount of unauthenticated mail, consider managing those messages with a Content compliance rule with these settings:

  • Bypass spam filter for this message
  • Only apply this setting for specific addresses or domains

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Google apps
Main menu
11776280208049497017
true
Search Help Center
true
true
true
true
true
73010
false
false