These instructions will guide you how to whitelist Phish Insight’s server IPs in your GSuite environment. Once you’ve set up the whitelisting recommendations below, we recommend sending a test campaign to yourself or a small group first to ensure your whitelisting was successful. The changes may take up to an hour to propagate to all users within your organization.
TABLE OF CONTENTS
- Part I: Add Phish Insight sender IP addresses to your whitelist
- Part II: Add Phish Insight server IPs to your Inbound Gateway
Part I: Adding Phish Insight sender IP addresses to your whitelist
- Login to your admin account and select Apps.
- Select GSuite Core Services.
- Select Gmail.
- Once Gmail is selected, scroll all the way down and select Advanced settings >>.
- Enter our IP addresses separated by commas in the Email whitelist section (under Spam, phishing, and malware).
Note: To access this information, log in to Phish Insight, click the chat widget at the lower-right corner, click Allow List, and open Add Phish Insight to your Allow List.Please ensure that you are logged in to your account to see this option.
- Optional: Uncheck Enhanced pre-delivery message scanning temporarily to ensure that the connection won’t time out while reaching out to your server.
- For more info about pre-delivery message scanning: https://support.google.com/a/answer/7380368?hl=en
- Note: We recommend enabling this setting until your campaign delivery rate hits 100%.
- Edit the Spam settings. Select Bypass spam filters for messages received from addresses or domains within these approved senders lists. Create a new list and name for example Phish Insight sender. Add the Phish Insight sender address or domain name: mailrelaysrv.com and deselect Require sender authentication. Save.
Part II: Adding Phish Insight server IPs to your Inbound Gateway
Many of our phishing templates mimic real-life phishing attacks and due to the similarity of the templates with the past attacks, a Gmail warning banner may appear in your user’s inbox when they receive a simulated phishing email.
Note: We recommend enabling these settings for the duration of your campaign only
- Under Spam, phishing, and malware section; Add a new Inbound Gateway. Name the setting For example: Phish Insight Inbound Gateway
- Enter Phish Insight server IP addresses on the Gateway IPs. Please refer to Part I Step 5 for the list.
- Select Message is considered spam if the following header regexp matches.
Enter text for the Spam header tag that is unlikely to be found in your phishing simulation email. E.g. uyrghskfeoafkgoeonghgh
- Check the Disable Gmail Spam Evaluation on mail from this gateway; only use header value option.
- Click Save.