Whitelisting allows PhishingBox's simulated phishing emails to bypass your mail filter. In order for PhishingBox simulations to function properly, our IPs must be whitelisted in your spam filter. Some systems may require whitelisting by headers to ensure our test emails are received by your users.
PhishingBox IP addresses
Before running any tests, you need to whitelist the following IP addresses on your servers to ensure delivery:
In some scenarios, depending on email client/firewall configuration, you may have to whitelist phishing and landing domains. The domains that need to be whitelisted are specified by the templates that you are using. The image below shows where to locate the domain utilized by the template.
Whitelisting Best Practices
Make sure PhishingBox simulated phishing emails are not being sent to the spam folder or being filtered automatically by some external spam filtering system. If it is, and whitelisting doesn't work, the content of the email might have to change to lower the spam rating. A service we recommend for testing is mail-tester.com/
If you don't want to send from our mail servers, you can use your own internal SMTP server to send the mail. This is done from Template Edit Email > Change Outgoing Server.
For diagnoses purposes, send the test email to another location, another person on a different domain, and another person on the same domain. If the mail sends to the different domain and no one on one specific domain, it has to be their mail servers. If it sent to some people but not others it can't be a PhishingBox problem. If it is sent to one person within a domain but not another it could be in the spam folder, or it's a user problem, or their system has some kind of multi-tiered distribution system with different levels of security.
For further inquiries, contact PhishingBox customer support.