To safelist (whitelist) in GSuite and to prevent warning banners from appearing on your phishing emails, please complete the instructions outlined in this article.
Safelisting in GSuite
Follow the below instructions to safelist in GSuite.
Log into admin.google.com
Go to Apps
Go to G Suite
Go to Gmail
Click Advanced Settings
Click Content Compliance
- Check the box Inbound under Email messages to affect
- Create an expression rule
- If ANY of the following match the message
- Advanced content match
- Location -> Full headers
- Match type -> Contains text
- Content -> X-PHISHTEST
- If the expression rule matches then do the following
- Spam -> Bypass spam filter for this message
- Spam -> Bypass spam filter for this message
Under Spam, Click the input field for Email whitelist
Enter the IP addresses for the Portal, separated by a comma (to see a complete list of Portal IP addresses, please see the Safelisting (Whitelisting) Basics article.)
Setting up an Inbound Gateway for Portal IPs
This section describes how to set up an inbound gateway for the Portal IPs. Setting up the inbound gateway should prevent warning banners from appearing on your phishing emails in G Suite.
After logging in to your Google Admin Console, go to Apps > G Suite > Advanced Settings. In the General Settings section, click on your top-level organization (usually your primary domain) on the left. Scroll down and click on Inbound gateway (under the Spam section) and match your settings as the following:
In the Message Tagging section check the 'Message is considered spam if the following header regexp matches' checkbox. Enter a long string of characters that is unlikely to be sent in an email in the 'Regexp' field, e.g. '9ECDA0116EB508285106053A58CBBFF6EA88A652'. Select the 'Message is spam if regexp matches' radio button, and check the 'Disable Gmail spam evaluation on mail from this gateway; only use header value' checkbox.
Save the settings for the Inbound gateway.
Click 'CONFIGURE' in the Spam section.
Give the new spam list a short description. Check the 'Bypass spam filters for messages received from addresses or domains within these approved senders lists' checkbox. If no lists are used yet, click the 'Use existing or create a new one' link, enter a name for the list, and then click 'CREATE'.
After creating the list, click the 'Edit' link in the new list's row.
Add the domains you intend to use in phishing tests to the new list. After entering a domain click 'SAVE'. If you wish to add additional domains, click the + icon.
Once you have completed the new spam rule, click 'ADD SETTING' located in the lower right-hand corner of the window.
Allow time for the propagation of these rules.
- NOTE: If you are using G Suite Legacy, safelisting capabilities may be limited and you may not be able to fully safelist Portal. G Suite Legacy is a free G Suite version that was offered by Google prior to December 2012. For more info on G Suite Legacy, please see Google's article here: https://support.google.com/a/answer/2855120?hl=en. For information on safelisting in Google Workspace, see this article: https://support.google.com/a/answer/60751.
If you have additional questions please feel free to contact our Support staff.
- Open a Support Ticket: support@phishingbox.com
- Call Us on the Phone: +1 877-634-6847
Comments
0 comments
Please sign in to leave a comment.