To safelist (whitelist) in GSuite and to prevent warning banners from appearing on your phishing emails, please complete the instructions outlined in this article.
Safelisting in GSuite
Follow the below instructions to safelist in GSuite.
Log into admin.google.com
Go to Apps
Go to Google Workspaces (or, Advanced Settings in G Suite)
Go to Gmail
Click Spam, phishing, and malware (or, Content Compliance in G Suite)
In the Email Allowlist field, enter the Portal IP addresses (found in this article). The IPs should be separated by commas. IP addresses to safelist include:
-
64.191.166.196 - phishing tests (US)
64.191.166.197 - phishing tests (EU)
198.61.254.6 - system emails
54.80.160.189
64.191.166.198
54.88.246.212
54.240.70.101
54.240.70.102
Click Save.
Setting up an Inbound Gateway for Portal IPs
Next, you'll want to configure an Inbound Gateway. Click the edit icon to the right of Inbound Gateway. Add the Portal IP addresses (found in this article), for phishing test emails enter 64.191.166.196 (US) or 64.238.34.10 (EU). Checkmark "Require TLS for connections from the email gateways listed above". Checkmark "Message is considered spam if the following header regexp matches". Enter a random text of letters, such as "lakjdfioeuohiuoiejasdifyaiuqwepqiank" (should be different than that, though). Checkmark "Disable Gmail spam evaluation on mail from this gateway; only use header value". The completed Inbound Gateway rule should look similar to this:
When done configuring the Inbound Gateway, save your changes.
Approved Senders List
Next, create an approved senders list to bypass the spam filter. Click the 'CONFIGURE' button in the 'Spam' row.
Give the rule a descriptive name, then check the 'Bypass spam filters for messages from senders or domains in selected lists' and 'Bypass spam filters and hide warnings for messages from senders or domains in selected lists' checkboxes.
Check the 'Bypass spam filters for messages from senders or domains in selected lists' and 'Bypass spam filters and hide warnings for messages from senders or domains in selected lists' checkboxes.
You can assign an existing list of domains/senders to the rule or create a new one. If you have to create a list, use the 'Create or edit list' link. This will open the Manage Address list page in a new tab.
On the Manage address list page, click 'ADD ADDRESS LIST'.
Add any phish domains you plan to use in phishing exercises.
For each domain, uncheck the 'Authentication required' checkbox:
Once the list is saved, add it to the spam rule under the 'Bypass spam filters for messages received from addresses or domains within these approved senders lists.' section and save the rule.
Click 'SAVE'.
Navigate back to the tab with the spam rule open.
Add the domain list to the spam rule under both the 'Bypass spam filters for messages from senders or domains in selected lists' and 'Bypass spam filters and hide warnings for messages from senders or domains in selected lists' sections.
Click 'SAVE'.
Allow up to 24 hours for the propagation of these rules.
- NOTE: If you are using G Suite Legacy, safelisting capabilities may be limited and you may not be able to fully safelist Portal. G Suite Legacy is a free G Suite version that was offered by Google prior to December 2012. For more info on G Suite Legacy, please see Google's article here: https://support.google.com/a/answer/2855120?hl=en. For information on safelisting in Google Workspace, see this article: https://support.google.com/a/answer/60751.