If you're using Proofpoint's spam filtering, you can allowlist CanIPhish to ensure our simulated phishing emails and training notifications arrive in employee inboxes.
- Create A Policy Route Of The Necessary IPs
- Use The Policy Route To Bypass The Spam Module
- Use The Policy Route To Bypass The Anti-Spoofing Rules
- Use The Policy Route To Bypass The Anti-Virus Rule (CLEAR Implementations)
- Use The Policy Route To Bypass TAP Attachment Defense
- Use The Policy Route To Bypass TAP URL Defense
You must complete the following steps in order to allowlist Simulated Phishing and Security Awareness Training in Proofpoint Protection Services. ALL steps must be completed.
See our Allowlisting Guide for the list of IPs needed.
Create A Policy Route Of The Necessary IPs
- Click on System at the top, then Policy Route on the menu on the left
- Click New Route at the top of the page
- Give the Route an ID (No Spaces) and a Description (Suggest CanIPhish_PSAT)
- Click on Add Condition
- Select Sender IP Address for the Condition
- Select Equals for the Operator
- Enter all of the IP addresses listed in our Allowlisting Guide
- Click Add and New Condition to enter the next IP
- Repeat Steps 4 ~ 8 using the OR radio button at the top until all IPs are entered
- Click Add Condition to close the pop-up
- Click Save Changes at the top to save the Policy Route
Use The Policy Route To Bypass The Spam Module
- Click on Email Protection > Spam Detection > Settings > General
- Verify Disable Processing for Selected Policy Routes is enabled
- If not, click the checkbox to enable the feature
- Select the CanIPhish_PSAT Policy Route from the list and use the >> button to move it to the Disable for any of box
- Click Save Changes
Use The Policy Route To Bypass The Anti-Spoofing Rules
- Click on Email Protection > Email Firewall > Rules
- Click Edit Rule for your current, active, anti-spoofing rule
- Under Conditions, verify Disable Processing for Selected Policy Routes is enabled.
- If not, click the checkbox to enable the feature
- Select the CanIPhish_PSAT Policy Route from the list and use the >> button to move it to the Disable for any of box
- Click Save Changes
Use The Policy Route To Bypass The Anti-Virus Rule (CLEAR Implementations)
- Click on Email Protection > Virus Protection > Settings > Rules
- Verify Disable Processing for Selected Policy Routes is enabled
- If not, click the checkbox to enable the feature
- Under Conditions, verify Disable Processing for Selected Policy Routes is enabled
- If not, click the checkbox to enable the feature
- Select the CanIPhish_PSAT Policy Route from the list and use the >> button to move it to the Disable for any of box
- Click Save Changes
Use The Policy Route To Bypass TAP Attachment Defense
- Click on Email Protection > Targeted Attack Protection > Attachment Defense > Settings
- Verify Disable Processing for Selected Policy Routes is enabled
- If not, click the checkbox to enable the feature
- Select the CanIPhish_PSAT Policy Route from the list and use the >> button to move it to the Disable for any of box
- Click Save Changes
Note: The policy route built to tag the Phishing messages should also be disabled on the System > Settings > System menu, under the Enable Traffic Statistics Feedback to Proofpoint options, in the Disable Processing list.
IMPORTANT: If additional filtering is occurring after PPS\TAP, it will be necessary to create an additional rule to add a header and value to the email for further safelisting downstream.
Use The Policy Route To Bypass TAP URL Defense
- Click on Email Protection > Targeted Attack Protection > URL Defense > Settings
- Verify Disable Processing for Selected Policy Routes is enabled
- If not, click the checkbox to enable the feature
- Select the CanIPhish_PSAT Policy Route from the list and use the >> button to move it to the Disable for any of box
- Click Save Changes
If the message from the Platform is still being blocked, first use PPS SmartSearch and Exchange Search to see what is blocking the messages.
Note: If you're using Proofpoint in front of M365, still have M365 email security protections enabled, and are experiencing issues with emails being blocked, you may need to use our Direct Email Injection M365 Integration.
Comments
0 comments
Please sign in to leave a comment.