It seems like your browser didn't download the required fonts. Please revise your security settings and try again.


As of March 1, 2022, the legacy Barracuda Essentials Security, Compliance, and Complete editions are no longer available for purchase. Only existing customers can renew or add users to these plans.

Following October 30, 2022, the documentation and trainings will no longer be updated and will contain outdated information.

For more information on the latest Email Protection plans, see Barracuda Email Protection.

To update your bookmarks, see the following for the latest documentation and trainings:

Note that MSP customers should continue to follow Barracuda Essentials for MSPs.

Sender and Recipient Analysis

  • Last updated on

Sender Analysis

Use the Inbound Settings > Sender Policies page to exempt, quarantine, or block messages based on username, domain, or email address. The Barracuda Email Security Service applies header scanning to both the Header and the Envelope From fields. In the Header field, only the email address portion is checked. Note that wildcards, for example, asterisk (*) or the @ sign are not supported. For example: * is recognized as 

Sender policies allow you to exempt, quarantine, or block messages as follows:

  • User – Only the username part of the sender's email address is checked. For example, adding a policy for a username of info means that the policy you select is applied to all inbound messages from senders with an email address of
    where represents any sending domain.
  • Domain – Only the domain part of the email address is checked.
  • Email address – The entire email address is checked.


  • Quarantine – Messages from the entered sender are always quarantined.
  • Block – Blocking a domain automatically blocks all subdomains. Note that blocking email addresses is not recommended as spammers rarely, if ever, use the same sender email address more than once.

  • Exempt – When you add a domain, subdomain, or email sender and select Exempt, the Barracuda Email Security Service always accepts, or allows those messages. Messages from allowed senders bypass spam scoring, Intent Analysis, and content filters, however, virus scanning and rate control are still applied. To bypass Sender Policy Framework (SPF) checking, add the Envelope From IP to exempt the sender. Barracuda Networks also recommends adding the sender IP to the SPF Exemptions list on the Inbound Settings > Sender Authentication page. 

    Warning: Spammers can use an exempt email address to bypass filtering; as such, allowing trusted IP addresses is a more reliable way to identify trusted domains. Add trusted IP addresses to your allow list on the Inbound Settings > IP Address Policies page. If the email sender and recipient addresses are the same, the Barracuda Email Security Service disregards the exempt email address and processes the mail normally. This is done because spammers know that users tend to allow their own email address.

Recipient Analysis

Use the Inbound Settings > Recipient Policies page to specify whether to always Scan or always Exempt (allowed) a recipient email address. Exempt (allowed) recipients bypass spam scoring (see Enable Cloudscan on the Inbound Settings > Anti-Spam/Anti-Virus page) as well as all other block lists. Virus scanning still applies.