Whitelisting our IPs and domains in your Sophos Email Appliance will allow your targets to receive emails from the PhishingBox platform.
Follow the instructions below to whitelist in Sophos. The contents of this article contain information from the Allow/Block Lists and the SEA configuration guide article provided by Sophos. If you have problems whitelisting PhishingBox in Sophos, you can reach out to Sophos for specific instructions.
Modify the Allow/Block Lists
The Allow/Block lists let you specify hosts and senders which are trusted or untrusted. Emails from allowed hosts/senders will ignore Sophos antispam filtering.
Follow these steps to add PhishingBox to the Allow list:
- In your Sophos Email Appliance (SEA) manager, navigate to Configuration > Policy > Allow Lists.
- Click the desired list to display the List Editor dialog box.
- If you have a spam filter in front of SEA, select the Senders tab. If you do not have a spam filter in front of SEA, select the Hosts tab.
- Enter each required item in the Add entries text field. Click Add.
- Depending on what you selected in Step 3 (Hosts or Senders)...
- If Senders, enter PhishingBox domain names, one by one. You only have to add the domain names you are utilizing in the email templates with which you are testing.
- If Hosts, enter PhishingBox IPs, one by one.
In order for your users to access our landing and training pages, you must whitelist PhishingBox domains on your Sophos firewall. These instructions were created for Sophos XG firewalls. Other versions of Sophos firewalls may require different steps, contact Sophos for specific instructions.
- Log in to the firewall's portal.
- Click on Web
- Click on Exceptions
- If you don't already have a list of exceptions, click Add Exception.
- Provide a name (PhishingBox) and a description for the exception list.
- Under Skip the selected checks or actions, check the boxes for the services you purchased.
- Enter the domains utilized by your email templates one line at a time in the Search/Add box.
- Click Save.