Allow-listing is an important procedure to ensure that our simulated phishing emails actually reach your inboxes.
As you can imagine, email service providers and spam filters do a great job of stopping most phishing emails. The problem is that this includes our own simulated phishing emails.
That’s where allow-listing comes in; we want as many of our simulated phishing emails as possible to reach your inbox.
Here’s what you need to do:
What are the IP addresses to allow list?
198.21.6.191
168.245.56.242
99.80.168.14
Allow-listing by IP address in Microsoft’s Office365
- Go to the M365 Security Portal – https://security.microsoft.com/
- Expand Email & Collaboration in the sidebar on the left and navigate to Policies & rules > Threat Policies > Anti-spam
- Click Connection filter policy and then Edit connection filter policy on the flyout
- Add the IP addresses to the Always allow messages from the following IP addresses or address range field.
- Note: Hit return after adding each IP address rather than copying and pasting.
- Click Save to enable the new settings.
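The same connection filter change can be scripted with Exchange Online PowerShell. This is an added example, not part of the original instructions; it assumes the ExchangeOnlineManagement module is installed and that the signed-in account is allowed to edit anti-spam policies. It adds only the addresses that are missing and then lists any other entries already on the allow list so they can be reviewed.

```powershell
# Added example (not from the original page).
# Assumption: the ExchangeOnlineManagement module is installed and the
# account used has permission to edit anti-spam policies.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline

# IP addresses listed on this page.
$simulationIps = @('198.21.6.191', '168.245.56.242', '99.80.168.14')

# "Default" is the built-in connection filter policy edited in the portal steps.
$policy  = Get-HostedConnectionFilterPolicy -Identity Default
$current = @($policy.IPAllowList)

# Add only what is missing, so the script is safe to run more than once.
$missing = @($simulationIps | Where-Object { $current -notcontains $_ })

if ($missing.Count -gt 0) {
    Set-HostedConnectionFilterPolicy -Identity Default -IPAllowList @{ Add = $missing }
    Write-Host "Added to allow list: $($missing -join ', ')"
} else {
    Write-Host 'All simulation IPs are already on the allow list.'
}

# Read the policy back to confirm the change was saved.
$after = @((Get-HostedConnectionFilterPolicy -Identity Default).IPAllowList)

$stillMissing = @($simulationIps | Where-Object { $after -notcontains $_ })
if ($stillMissing.Count -gt 0) {
    Write-Warning "Not present after save: $($stillMissing -join ', ')"
}

# Every allow-listed IP skips spam filtering, so list the other entries
# for review alongside the ones just added.
$others = @($after | Where-Object { $simulationIps -notcontains $_ })
if ($others.Count -gt 0) {
    Write-Host "Other entries on the allow list: $($others -join ', ')"
}

Disconnect-ExchangeOnline -Confirm:$false
```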
Allow-listing by IP address in Google Workspace
1) Add IP addresses to the Google Workspace allow-list
- Log in to https://admin.google.com
- Navigate to Apps -> Google Workspace -> Gmail
- Scroll down to the bottom of the Gmail settings page and click Spam, Phishing and Malware
- Select Email whitelist, which is the first option.
- Enter the IP addresses in the Email whitelist section, separated by commas.
- Click Save. It may take up to an hour for the changes to apply to all users.
2) Add IP addresses as Inbound Gateways
Google Workspace will automatically tag some emails as suspicious if it believes there’s a chance they are phishing-related, and may add banners to them to notify users of increased risk.
To better assess your users’ vulnerability to phishing, you will want to ensure that these banners do not show up during our simulated phishing campaigns. Follow the instructions below:
- Log in to https://admin.google.com
- Navigate to Apps -> Google Workspace -> Gmail
- Scroll down to the bottom of the Gmail settings page and click Spam, Phishing and Malware
- Scroll down to the third option, Inbound gateway
- Add the IP addresses to the Gateway IPs list
- Ensure that the Reject all mail not from gateway IPs setting is unchecked
- Check the Require TLS for connections from the email gateways listed above setting
- Under Message Tagging, ensure Message is considered spam if the following header regexp matches is checked
- In the Regexp field, enter text that is unlikely to be found in a simulated phishing email, for example: dhqlorfecxzqwklcpssvpsnlx
- Check the Disable Gmail spam evaluation on mail from this gateway; only use header value setting
- Click Save
Other email providers
If your emails are hosted elsewhere, it’s likely you will need to contact your hosting provider (or us) for further assistance on white-listing/allow-listing our IP addresses.
Further support
We’re on hand if you need any assistance with allow-listing relating to our User Aware Training/Simulated Phishing service. Just get in touch.