SKYNETIKS
SECURITY GUIDE

Complete Guide: How to Whitelist Domains & Emails in Google Workspace

Step-by-step guide to whitelist trusted domains and email addresses in Google Workspace to ensure important emails reach your users and bypass spam filters.

Perfect for: Perfect for: IT administrators managing email security, organizations needing to ensure business-critical emails are delivered, and companies implementing secure email communication with trusted partners.

Security ChecklistStart Configuration

Pre-Configuration Requirements & Planning

Essential preparation steps to safely whitelist domains and emails while maintaining security in Google Workspace.

Super Admin Access

Google Workspace Super Admin privileges to modify security settings

Trusted Domain List

Verified list of domains and email addresses that need whitelisting

Security Assessment

Review of current spam and phishing protection settings

User Impact Analysis

Understanding which users and groups will be affected by changes

Critical Security Considerations

  • Whitelisting bypasses spam and phishing filters - only trust verified sources
  • Regularly review and audit your whitelist to remove outdated entries
  • Consider using approved sender lists for individual users when possible
  • Monitor for any increase in spam or phishing attempts after whitelisting
  • Document all whitelist changes for compliance and security auditing

Step-by-Step Guide to Adding Secondary Domain

Follow these detailed steps to successfully add and configure your secondary domain in Google Workspace.

1

Access Google Admin Console

Navigate to the Google Workspace Admin Console and locate security settings

Detailed Steps:

  • Sign in to admin.google.com with your Super Admin account
  • Click on 'Apps' from the main dashboard
  • Select 'Google Workspace' from the apps list
  • Click on 'Gmail' to access email security settings
2

Navigate to Spam Settings

Access the spam, phishing, and malware protection settings

Detailed Steps:

  • In Gmail settings, click on 'Safety' from the left sidebar
  • Select 'Spam, phishing, and malware' option
  • You'll see options for different protection levels and exceptions
  • Locate the 'Email allowlist' or 'Approved senders' section
3

Configure Domain Whitelisting

Add trusted domains to bypass spam filtering for entire domains

Detailed Steps:

  • Click 'Add another rule' or 'Configure' under Email allowlist
  • Select 'Messages from addresses or domains' option
  • Enter the domain name (e.g., trusteddomain.com) in the input field
  • Choose whether to apply to specific organizational units or all users
  • Set the action to 'Bypass spam filters for messages'
4

Configure Individual Email Whitelisting

Add specific email addresses to the trusted sender list

Detailed Steps:

  • In the same Email allowlist section, add a new rule
  • Select 'Messages from addresses or domains' option
  • Enter specific email addresses (e.g., important@partner.com)
  • You can add multiple emails separated by commas or new lines
  • Configure organizational unit scope as needed
5

Set Advanced Whitelist Options

Configure additional settings for comprehensive email filtering

Detailed Steps:

  • Enable 'Also bypass filters for inbound mail from these senders'
  • Consider enabling 'Bypass Gmail's spam filter' option
  • Set up 'Do not quarantine' for whitelisted senders if needed
  • Configure 'Add X-Gm-Spam and X-Gm-Phishy headers' for tracking
  • Review 'Apply future changes to existing messages' setting
6

Configure User-Level Whitelisting

Allow individual users to manage their own approved senders

Detailed Steps:

  • Navigate to 'User settings' in Gmail configuration
  • Enable 'Allow users to manage their own approved senders list'
  • Users can then add trusted senders in their Gmail settings
  • This provides flexibility while maintaining admin oversight
  • Monitor user-level changes through audit logs
7

Test and Verify Configuration

Ensure whitelisting works correctly and doesn't compromise security

Detailed Steps:

  • Send test emails from whitelisted domains to verify delivery
  • Check that emails bypass spam folders and reach inboxes
  • Verify that non-whitelisted emails still get filtered properly
  • Review email headers to confirm whitelist rules are applied
  • Monitor for any false positives or security issues

Google Workspace Whitelist Configuration (Advanced Settings)

Advanced configuration options for fine-tuning domain and email whitelisting in Google Workspace.

Organizational Unit Scope:
Apply whitelist rules to specific OUs or entire organization
Use specific OUs for sensitive departments, organization-wide for general partners
Header Authentication:
Verify sender authenticity using SPF, DKIM, and DMARC
Enable authentication checks even for whitelisted domains for security
Quarantine Override:
Prevent whitelisted emails from being quarantined
Enable for critical business communications, monitor for abuse
Phishing Protection:
Apply phishing filters to whitelisted emails
Keep enabled to protect against compromised whitelisted accounts
Attachment Filtering:
Scan attachments from whitelisted senders
Maintain attachment scanning even for trusted senders
Important:
  • Whitelist changes may take up to 24 hours to fully propagate
  • Test configurations with non-critical emails first
  • Regular security audits should include whitelist review
  • Consider using Gmail's Advanced Phishing and Malware Protection

Common Issues & Solutions

Troubleshoot common problems when adding secondary domains to Google Workspace.

Whitelisted Emails Still Going to Spam

Solution:

Check if authentication (SPF, DKIM, DMARC) is failing. Verify the exact email address or domain spelling in whitelist rules.

Prevention:

Enable sender authentication verification and use exact domain/email formats

Legitimate Emails Blocked After Whitelisting

Solution:

Review organizational unit settings and rule conflicts. Check if other security rules override whitelist settings.

Prevention:

Test whitelist rules in a small OU first, review all existing email security policies

Users Can't Access Whitelist Settings

Solution:

Verify user permissions and enable 'Allow users to manage approved senders' in admin settings.

Prevention:

Clearly define which users can manage their own whitelists vs admin-managed lists

Changes Not Taking Effect Immediately

Solution:

Gmail filtering changes can take up to 24 hours. Clear browser cache and check after waiting period.

Prevention:

Plan whitelist changes in advance and communicate timing to users

Increased Spam After Whitelisting

Solution:

Review whitelisted domains for compromise, remove overly broad domain rules, implement additional verification.

Prevention:

Use specific email addresses instead of entire domains when possible, regular security audits

CERTIFIED GOOGLE PARTNER

Need Help Adding Your Secondary Domain?

While this guide covers the technical steps, domain setup can be tricky with DNS propagation, verification issues, and configuration complexities. Our Google Workspace experts can handle the entire process for you.

Quick Setup

Complete secondary domain setup in 24-48 hours

Zero Risk

No downtime or email disruption during setup

Free Support

Ongoing support included at no extra cost

Call: +91-9212378780WhatsApp Support

Frequently Asked Questions

Common questions about adding secondary domains to Google Workspace.

What's the difference between whitelisting a domain vs. individual email addresses?

Whitelisting a domain (e.g., company.com) allows all emails from any address at that domain to bypass filters. Individual email whitelisting only affects specific addresses. Domain whitelisting is broader but potentially less secure.

Can I whitelist subdomains separately from the main domain?

Yes, you can whitelist subdomains independently. For example, you can whitelist 'support.company.com' without whitelisting the entire 'company.com' domain. This provides more granular control over trusted senders.

How many domains or emails can I add to the whitelist?

Google Workspace doesn't specify a hard limit for whitelist entries, but for performance and security reasons, it's best practice to keep lists manageable. Consider using organizational units to distribute whitelist management.

Do whitelisted emails still get scanned for malware?

Yes, by default, whitelisted emails still undergo malware and virus scanning. Whitelisting primarily affects spam filtering. You can configure whether to apply phishing and malware protection to whitelisted senders.

Can I set up temporary whitelisting for specific time periods?

Google Workspace doesn't have built-in temporary whitelisting. You'll need to manually add and remove entries as needed. Consider using calendar reminders to review and remove temporary whitelist entries.

How do I whitelist emails for specific users instead of the entire organization?

Use Organizational Units (OUs) to apply whitelist rules to specific groups of users. Create an OU for the target users, then configure whitelist rules to apply only to that OU instead of the entire organization.

What happens if a whitelisted domain gets compromised?

Compromised whitelisted domains can send malicious emails that bypass spam filters. Regularly monitor your whitelist, enable authentication verification (SPF, DKIM, DMARC), and maintain phishing protection even for whitelisted senders.

Can users see which domains are whitelisted by administrators?

Regular users cannot see admin-configured whitelists through the Gmail interface. However, they can manage their own approved senders list if you enable that feature. Admins can view all whitelist configurations through the Admin Console.