Safelisting (Whitelisting) Basics – Support Center

Why Safelist?

Safelisting allows Portal simulated phishing emails to bypass your mail filter. In order for Portal simulations to function properly, our IPs must be whitelisted in your spam filter. Some systems may require safelisting by headers to ensure our test emails are received by your users.

Portal IP addresses

The PhishingBox portal IP address is 54.80.160.189.

System emails will originate from the following IP address. System emails include new account user emails and domain authorization emails. Any emails generated in PhishingBox that are not simulated phishing emails are considered system emails.

64.191.166.196
69.72.47.194
64.191.166.197

Note: Simulated phishing emails will originate from 64.191.166.196. System emails will originate from the other IP addresses. (Some email security software, such as Mimecast, will require you to safelist by CIDR range. The Portal's CIDR range is 64.191.166.196/24.)

PhishingBox landing pages and image assets are hosted on the following IP address. To allow landing pages or images hosted by PhishingBox to display, you may need to whitelist the landing page server to display images in emails or landing pages and allow targets to access landing pages.

64.191.166.198

Email Header

If your security configuration does not allow safelisting by IP, you also have the option of using our custom email header, which will be inserted into every email your organization receives from Portal. The header has the name 'X-PHISHTEST' and the value 'PhishingBox'.

Safelisting Domains

In some scenarios, depending on email client/firewall configuration, you may have to whitelist phishing and landing domains. The domains that need to be whitelisted are specified by the templates that you are using. The image below shows where to locate the domain utilized by the template when viewing the Manage Templates page.

Safelisting Best Practices

Make sure the Portal's simulated phishing emails are not being sent to the spam folder or being filtered automatically by some external spam filtering system. If it is, and safelisting doesn't work, the content of the email might have to change to lower the spam rating. A service we recommend for testing is mail-tester.com/

If you don't want to send from our mail servers, you can use your own internal SMTP server to send the mail. This is done from Template Edit Email > Change Outgoing Server.

For diagnosis purposes, send the test email to another location, another person on a different domain, and another person on the same domain. If the mail sends to the different domain and no one on one specific domain, it has to be their mail servers. If it is sent to some people but not others it can't be a Portal problem. If it is sent to one person within a domain but not another it could be in the spam folder, or it's a user problem, or their system has some kind of multi-tiered distribution system with different levels of security.

Safelisting Assistance

The Portal's technical support team can provide some help with safelisting issues. However, there are many different kinds of mail filtering services and providers in use. If your campaign emails are not being received by your targets after following the safelisting steps outlined above, we recommend communicating directly with your service provider to properly whitelist the Portal.

Shown below is an email you may want to send to your service provider's support team to request safelisting assistance. This message will help them understand the services Portal provides:

Our organization is using Portal, a security training platform that provides simulated phishing tests and training for our company's employees. We would like to whitelist all Portal simulated phishing tests and training emails so that they successfully reach the inboxes of our employees. Would you please help us whitelist Portal's IPs and hostnames?

For further inquiries, contact Portal customer support.