Allowlisting CanIPhish in your Email Platform
Allowlisting - Quick Reference - IPs, Headers & URLs
Multiple allowlisting methods are listed below. Choose the method that best suits your organisation - preferred methods have been tagged.
Microsoft/Office 365
- Allowlisting - Use M365 Defender to allow a Phishing Simulation
- M365 Direct Email Injection (API Integration To Bypass Allowlisting)
- Supplemental Allowlisting Guides (Optional):
- M365 With Third-Party Email Gateway/Mail Relay/ Hybrid On-Prem Exchange:
Microsoft Exchange Server
- Allowlisting - By IP Address in Exchange 2013 or 2016
- Allowlisting - By Email Headers in Exchange 2013 or 2016
- Allowlisting - By Email Headers in Exchange 2010
Google Workspace
Allowlisting CanIPhish in your Secure Email Gateway
If your organisation invests in additional email filtering technologies (e.g. Proofpoint, Sophos, Cisco Ironport, etc.) then you will need to add allowlisting rules to prevent CanIPhish emails from being classified as spam or phishing.
If you utilise a secure email gateway outside what's listed below, please contact us.
- Allowlisting - Mimecast Cloud Email Security
- Allowlisting - Mimecast Email Security Cloud Integrated (Graph API Integration With M365)
- Allowlisting - Proofpoint
- Allowlisting - Sophos Products
- Allowlisting - Symantec MessageLabs/Cloud
- Allowlisting - Barracuda
- Allowlisting - Cisco Ironport
- Allowlisting - Spam Titan
- Allowlisting - AppRiver
- Allowlisting - Avanan
- Allowlisting - SpamHero
- Allowlisting - MPmail
- Allowlisting - Trend Micro Cloud App Security
- Allowlisting - Bitdefender Email Security
- Allowlisting - Hornetsecurity
- Allowlisting - VIPRE Email Security
- Allowlisting - Darktrace
- Allowlisting - Intermedia
- Allowlisting - Perception Point
Phishing Website Allowlisting
CanIPhish works diligently to ensure our phishing websites operate smoothly. However, certain security tools may encounter issues when used for simulated phishing.
Below, we’ve outlined common security solutions and whether allowlisting is necessary:
- Google Safe Browsing: No action required
- Microsoft Smart Screen: No action required
- Microsoft Defender for Endpoint (Web Protection): Allowlisting required
- McAfee/Trellix Web Control: No action required
- Palo Alto Networks PAN-OS And Prisma Access: Allowlisting required
- Sophos Web Protection: Allowlisting required
- Cisco Umbrella: Allowlisting required
- Fortinet FortiGate: Allowlisting required
- VIPRE Endpoint Security: Allowlisting recommended
Troubleshooting
Having trouble with allowlisting? Please contact the team at CanIPhish for support. In some cases, endpoint protection software may quarantine emails. In other cases. if you have multiple email security solutions (e.g. Barracuda Email Security infront of M365), you may need to setup skiplisting within M365. To ensure everything is done correctly, our support team will lend a helping hand.
Advise CanIPhish that you've setup Email Allowlisting
Once Email Allowlisting has been setup, please go to the Campaigns page and turn off the email allowlisting notification.
Comments
0 comments
Please sign in to leave a comment.