Allowlisting in your Sophos Email Appliance (SEA) will allow your users to receive phishing and training-related emails from the CanIPhish platform
The instructions below include information from the SEA Configuration guide, provided by Sophos. If you run into issues allowlisting CanIPhish in your Sophos appliance, we recommend contacting Sophos directly for specific instructions. You can also contact us at admin@caniphish.com for further assistance.
Modify the Allow/Block Lists
The Allow/Block lists let you define hosts and senders which are trusted or untrusted. Messages from allowed hosts and senders will bypass Sophos antispam filtering.
To add CanIPhish to the Allow list:
- In your SEA manager, navigate to Configuration > Policy > Allow Lists.
- Click the appropriate list to display the List Editor dialog box.
- Select the Hosts tab.
- In the Add entries text box, enter each required item* and click Add.
- On the Hosts tab, enter CanIPhish's IP. Please see our Allowlisting - Quick Reference article for a full list of our IP addresses.
- (Optional) you can also add CanIPhish's phishing link and landing page domains to the Allowlisted URLs list. Please see our Allowlisting - Quick Reference article for a full list of our landing page domains.
Sophos Firewalls
Allowlisting in Sophos firewall allows users who've failed your phishing tests to access CanIPhish's landing pages.
The instructions below were created for Sophos XG firewalls, so other versions of Sophos firewalls may require a different set of steps. We recommend contacting Sophos directly for specific instructions on how to whitelist CanIPhish.
To allowlist in Sophos XG Firewalls
- Contact us at admin@caniphish.com to request a copy of our phishing domains and landing page domains.
- Log in to the portal for the firewall.
- Select Web, located on the left.
- Select Exceptions, located at the top.
- If you don’t have an exception list, click Add Exception.
- Provide a name (CanIPhish) and an optional description for the list.
- Check the boxes to the right under Skip the selected checks or actions for the services you purchased.
- Check URL pattern matches.
- Enter each phishing and landing page domain, one line at a time, in the Search/Add box. XXXXXX and .com represent each phishing and landing page domain.
^([A-Za-z0-9.-]*\.)?XXXXXX\.com\.?/
- Click SAVE at the bottom of the page.
Should you have any difficulties with allowlisting, please don't hesitate to contact us.
Note: If you're using Sophos in front of M365, and still have M365 email security protections enabled, please contact the CanIPhish team for support. In this case, you may need to allowlist Sophos IPs instead of CanIPhish. To ensure this is done correctly, the CanIPhish support team will lend a helping hand.
Comments
0 comments
Please sign in to leave a comment.