If the quarantine digest shows "Contact Administrator to Take Action on This Email" instead of the normal options, this means that Proofpoint has blocked the message for some form of fraud. This is most often a result of failing DMARC, DKIM, or SPF. Proofpoint will prioritize indicators of potential fraud over any safe sender list entries / custom rules. This is designed to prevent malicious actors from freely spoofing people on your safe sender list.


Occasionally, you may encounter a situation where a legitimate sender's emails continue to be blocked for failing DMARC / DKIM / SPF due to some misconfiguration from their end. As a workaround however, we can create exceptions to these checks for their domain in Proofpoint. This will prevent the sender's emails from being blocked due to DMARC / DKIM / SPF failure.

Exceptions for trusted domains can be created by navigating to Malicious Content > Anti-Spoofing, then clicking “Manage Exceptions” under the appropriate section:

From here you can click Add Exception, type in the domain name, and then click “Add” to save the changes.