If you are using G Suite Legacy, whitelisting capabilities are limited and you may not be able to whitelist Hook Security properly. G Suite Legacy was a free G Suite version that was offered by Google prior to December 2012. For more information, please see Google's article here.
How to Whitelist by IP Address in GSuite/Google Apps
The below instructions will show you how to whitelist Hook Security's simulated phishing emails and training notifications by IP address in your GSuite environment. This setting is recommended if you do not have a cloud-based spam filter in front of GSuite. If you do have a cloud-based spam filter, you should whitelist us by our IP Addresses in the filter, and whitelist by header in GSuite.
This method of whitelisting is a two-part process:
- Add Hook Security's IP addresses to Email Whitelist
- Add Hook Security's IP addresses as Inbound Gateways
Part 1: Add Hook Security's IP addresses to Email Whitelist
Below are instructions on how to set up your IP allow list for GSuite/Google Apps. These instructions were gathered from Email Whitelist in Google Suite.
- Log in to https://admin.google.com and select Apps.
- Select G Suite.
- Select Gmail.
- Select Advanced settings.
- In the Organizations section, highlight your Domain. Do not select an organizational unit (OU).
G Suite does not allow whitelisting by IP Address for individual OUs, only the entire domain.
- In the Email whitelist section, enter our IP addresses separated by commas. For the most up-to-date list of our IP addresses, please see this article.
- Click Save.
Part 2: Add Hook Security's IP addresses as Inbound Gateways
This method of whitelisting is to prevent the following Google banners from appearing in your user's inbox when they receive a simulated phishing test from Hook Security:
This message seems dangerous
Be careful with this message
We have found that this process exempts Hook Security's simulated phishing emails from the Gmail banner warnings. However, this is not documented by Google as a whitelisting recommendation.
- Log in to your Google Admin Console.
- Navigate to Apps > G Suite > Gmail > Advanced settings.
- Under General Settings, select your top-level organization (typically your primary domain) on the left.
- Scroll down to the Inbound Gateway setting located under the Spam section. Hover over the setting and click the Edit button. This will open the Inbound gateway screen.
- Configure the Inbound gateway using the settings below:
- Gateway IPs
Add Hook Security's IP addresses. For the most up-to-date list of our IP addresses, please see this article.
- Leave the Reject all mail not from gateway IPs option unchecked.
- Check Require TLS for connections from the email gateways listed above.
- Message Tagging
Enter text for the Spam Header Tag that is unlikely to be found in a PST email. This field is required.
- Example: dsfgkgyfytffnfioasmnfrfhgfhjjhg
- Select the Disable Gmail spam evaluation on mail from this gateway; only use header value option.
- Click the SAVE button.
- Gateway IPs