Allowlisting - Introduction

Allowlisting CanIPhish in your Email Platform

Allowlisting - Quick Reference - IPs, Headers & URLs

Multiple allowlisting methods are listed below. Choose the method that best suits your organisation - preferred methods have been tagged.

Microsoft/Office 365

• Allowlisting - Use M365 Defender to allow a Phishing Simulation
• M365 Direct Email Injection (API Integration To Bypass Allowlisting)
• Supplemental Allowlisting Guides (Optional):
  • Allowlisting - Bypass Safe Link/Attachment Processing of M365 Advanced Threat Protection (ATP)
  • Allowlisting - Automatically Download Images For Emails Sent To Microsoft 365
  • Integrating With Microsoft's Built-In "Report Phishing" Button On Outlook
• M365 With Third-Party Email Gateway/Mail Relay/ Hybrid On-Prem Exchange:
  • Microsoft 365 - Enhanced Filtering For Connectors (Skiplisting)

     Microsoft Exchange Server

• Allowlisting - By IP Address in Exchange 2013 or 2016
• Allowlisting - By Email Headers in Exchange 2013 or 2016
• Allowlisting - By Email Headers in Exchange 2010

Google Workspace

• Allowlisting by IP Address in Google Workspace
• Google Workspace Direct Email Injection (API Integration To Bypass Allowlisting)

Allowlisting CanIPhish in your Secure Email Gateway

If your organisation invests in additional email filtering technologies (e.g. Proofpoint, Sophos, Cisco Ironport, etc.) then you will need to add allowlisting rules to prevent CanIPhish emails from being classified as spam or phishing.

If you utilise a secure email gateway outside what's listed below, please contact us.

• Allowlisting - Mimecast Cloud Email Security
• Allowlisting - Mimecast Email Security Cloud Integrated (Graph API Integration With M365)
• Allowlisting - Proofpoint
• Allowlisting - Sophos Products
• Allowlisting - Symantec MessageLabs/Cloud
• Allowlisting - Barracuda
• Allowlisting - Cisco Ironport
• Allowlisting - Spam Titan
• Allowlisting - AppRiver
• Allowlisting - Avanan
• Allowlisting - SpamHero
• Allowlisting - MPmail
• Allowlisting - Trend Micro Cloud App Security
• Allowlisting - Bitdefender Email Security
• Allowlisting - Hornetsecurity
• Allowlisting - VIPRE Email Security
• Allowlisting - Darktrace
• Allowlisting - Intermedia
• Allowlisting - Perception Point

Phishing Website Allowlisting

CanIPhish works diligently to ensure our phishing websites operate smoothly. However, certain security tools may encounter issues when used for simulated phishing.

Below, we’ve outlined common security solutions and whether allowlisting is necessary:

• Google Safe Browsing: No action required
• Microsoft Smart Screen: No action required
• Microsoft Defender for Endpoint (Web Protection): Allowlisting required
• McAfee/Trellix Web Control: No action required
• Palo Alto Networks PAN-OS And Prisma Access: Allowlisting required
• Sophos Web Protection: Allowlisting required
• Cisco Umbrella: Allowlisting required
• Fortinet FortiGate: Allowlisting required
• VIPRE Endpoint Security: Allowlisting recommended

Troubleshooting

Having trouble with allowlisting? Please contact the team at CanIPhish for support. In some cases, endpoint protection software may quarantine emails. In other cases. if you have multiple email security solutions (e.g. Barracuda Email Security infront of M365), you may need to setup skiplisting within M365. To ensure everything is done correctly, our support team will lend a helping hand.

Advise CanIPhish that you've setup Email Allowlisting

Once Email Allowlisting has been setup, please go to the Campaigns page and turn off the email allowlisting notification.