Approved email domains

Have more questions? Submit a request

Who is this information for?

This information applies to all schools and academy trusts signing into the Secure Schools platform.


Accepted domains

When users are added to your account directly or through your MIS integration, their email addresses will also be brought in. If these addresses are hosted on your organisation's email service (e.g., then the domain and these email addresses should be approved automatically by our system.

Manual approval may be necessary if the emails assigned to these users are on another domain. This could be a domain used by your Trust, Federation, or another organisation. 


Rejected domains

If the accounts imported, however, are using common public email hosting (e.g. Gmail, Yahoo, Outlook, etc.) then these will not normally be approved. This step ensures that the information shared with the account doesn't leave secure systems, and if a Phishing simulation is created, it cannot impact public systems. 


Non-staff email addresses

You may also have accounts for the broader organisation, including governors, etc., that don't currently have an official email account. While the NCSC and DfE don't require that organisation email addresses be used by them, you're strongly advised to create them to ensure the security of the information sent to them, and to maintain separation of official and personal communications.

Articles in this section

Was this article helpful?
0 out of 0 found this helpful
  • Fow how-to and support videos please visit our channel