Adaptive gives you three lists for controlling how messages are handled: the Allow List, the Deny List, and the Exclusion List. Allow and Deny lists let you override how senders are treated—trusting messages from specific email addresses or domains, or blocking them outright. The Exclusion List works differently: it removes internal mailboxes, such as service accounts and automated senders, from scanning entirely.
Each list is made up of rules—individual entries, each identifying one email address or domain.
This article walks through managing rules across all three lists: adding them individually, bulk-importing them via CSV, and (for Google Workspace organizations) syncing existing Allow/Deny rules directly from Google.
Allow List and Deny List Management
The Allow List and Deny List work the same way and share the same rule format, so the steps below apply to both. Each rule accepts either an email address (e.g. [email protected]) or a domain (e.g. example.com). A domain rule applies to all senders at that domain.
Note: the same value can't be a rule on both lists at once. If a value is already on the opposite list, remove it there before adding it.
There are three ways to add rules—one at a time, in bulk from a CSV, or synced from Google Workspace.
Adding a single rule
Navigate to the Allow List or Deny List tab.
Click Add rule.
Enter a name, select Email or Domain, and enter the value.
Click Add.
Importing rules via CSV
To add many rules at once, click Import CSV. The file must include rule name and value columns; Adaptive infers the rule type (email vs. domain) automatically from each value. The maximum file size is 1 MB, and a sample CSV is available to download from the import dialog.
After upload, a summary reports how many rules were:
Created — added successfully
Skipped — duplicates already on this list
Conflicted — already on the opposite list
Failed — invalid format
Syncing from Google Workspace (Google integrations only)
Google integrations only. If your organization uses Google Workspace, you can pull your existing Google Allow/Deny lists directly into Adaptive rather than re-entering them. Click Import from Workspace to start.
This requires the cloud-identity.policies.readonly scope, granted in your Google Admin Console. The dialog guides you through verifying and granting the permission.
Once synced, you can tell at a glance where each rule came from: rules imported this way are labeled Workspace sync in the Source column, while manually added rules are labeled Admin upload. Filter by source to see which rules came from which origin.
Deleting rules
Single rule: Click the ⋮ menu on any row and select Delete.
Bulk delete: Check one or more rows, then use the Actions menu that appears to delete the selection.
Exclusion List
The Exclusion List serves a different purpose from the Allow and Deny lists. Instead of changing how senders are treated, it removes specific internal email addresses or domains from Email Security scanning and protection altogether. Use it for service accounts, automated senders, or any mailbox that should never be analyzed.
Two rules specific to this list are worth knowing before you start:
Values must belong to your organization's verified domains.
If your organization has multiple email providers connected (Google/Microsoft), each Exclusion List is scoped to its respective provider—so you'll choose a provider when adding or importing rules.
Adding an exclusion rule
Navigate to the Exclusion List tab.
Click Add rule.
Enter a name, select Email or Domain, choose the Email provider, and enter the value.
Click Add.
Importing exclusion rules via CSV
Click Import CSV, select the target email provider, then upload a file with rule name and value columns. The same 1 MB limit applies, and you'll see the same Created / Skipped / Conflicted / Failed summary after import.
Deleting exclusion rules
Deletion works just like the Allow and Deny lists: use the ⋮ menu for a single rule, or select multiple rows for bulk deletion.





