Bryley Basics: When to filter email by domain, rather than by a single address

Have you ever had trouble receiving email from someone, even after you have added their address to your email filter’s allow list or whitelist?  In some instances you may be able to solve this problem simply by adding the domain from the contact’s email address to your allow list, rather than adding their entire address.  If you aren’t entirely sure how to identify the domain in an email address, don’t worry, we will cover first.  Then we will take a look at when and why this might work.

Every email address is composed of two major components, the User Identifier and the domain.  If we take the address for example, we have the User Identifier “Support,” and the domain “”  Essentially, everything that comes before the @ symbol is part of the User Identifier, and everything that follows the @ symbol is part of the domain.

What’s wrong with including the User Identifier?

The problem is that some email systems generate a unique User Identifier every time a user sends an email.  As a result, instead of the address, you might see, where “245789” is a computer generated set of numbers added to the User Identifier every time a user sends a new email.  The domain, on the other hand,  will remain the same, making it a more reliable means of identifying email coming from a particular source.

Why do User Identifiers change?

There are two major reasons why email systems might create unique User Identifiers.  The first is to allow a large number of users to send email through a single system without each user having to have their own dedicated email address.  For instance, this is extremely common within help desks at large companies as it remove the need for each staff member to have a separate email address dedicated for that purpose.  Instead, unique addresses are created on the fly as needed, and expire once they are no longer necessary.

The second is that it allows an end user to communicate with someone they don’t know without having to expose their actual email address. This effectively creates a buffer between the users email address and various sources of unwanted email.

For instance, when signing up for an online mailing a user can create what is effectively a one-off email address, unique for that purpose.  That way, if they no longer wish to receive that mailing at some point, the user can simply delete that unique address, rather than relying on the unsubscribe system of that service.

In addition, if an organization were to abuse a unique address given to them by a user, it would become obvious who the offending party was, as no one else would have that unique address.  As a result, the ability to create unique email address is catching on within email security solutions.  For instances, this is an option available within Sophos Reflexion, the email security solution deployed by Bryley Systems.

In general, however, these systems will not modify the domain a user is sending from.  As a result, if you trust the contact’s organization, adding only their domain to your email filter’s allow list should allow you to receive email from them, even if their User Identifier changes regularly.