Why do I need to add Phish Insight to my Allow List?

Adding Phish Insight to your Allow List is essential to ensure Phish Insight emails can reach your users. Implementing the correct Allow List settings prevents email delivery issues and URL warnings. It will also ensure accurate reports about your users actions.


What are the things I need to add to the Allow List?

1.  Sender email domain:
@trendmicro.com

2.  Return path: pawt@mailrelaysrv.com

3.  Server IPs:

o    3.250.207.64/27
Note: These IPs are secured and exclusively reserved for Trend Micro Phish Insight product only

4.  Simulated phishing website URLs: (Note: we advise you to allow all these URL's but have highlighted the URL's currently in use in Bold and Underlined)



  • www.websitefun.info
  • www.solutionfun.info
  • www.internetservicetech.com
  • www.onlineservicetec.com
  • www.onlineservicetech.website
  • www.webfun.website
  • www.solutionfun.services
  • www.eservicebits.com
  • www.e-serviceparts.info
  • www.onlineservicefree.website
  • www.onlineservicefree.club
  • www.e-service.org
  • www.globalinfohost.com
  • www.siteserversolutions.com
  • www.forupsite.com
  • www.onlineservicenetwork.com
  • www.freecloudapps.net


What is a Simulated Phishing Website?

Simulated phishing websites contain landing pages that are part of a Phish Insight campaign. It is where your users are directed after clicking the link from the simulated phishing email. Trend Micro maintains the security and integrity of these websites.

Note: Phish Insight does not save any usernames or passwords entered by your users.


Do I need to add all of the URLs to my Allow List?

Adding all of the URLs to your Allow List is optional; however, we recommend adding all of them as it will have the following benefits:

  1. URL assignment is dynamic. Adding all URLs to your Allow List will save you repeating the same process for every campaign. 
  2. Search engines can potentially flag the website as suspicious and it will prevent your users from accessing the page. We remove flagged domains as soon as we get notified that they are blocked.


How can I set up the Allow List for my environment?

You can refer to these links to see the step-by-step instructions for setting up the allow list for your specific products: