How to allowlist CanIPhish in Cisco Ironport
If you're using Cisco Ironport spam filtering, you can allowlist CanIPhish to our simulated phishing test emails and training notifications through to your end users.
The instructions below include information from the Cisco whitelisting article. If you run into issues allowlisting CanIPhish in Cisco Ironport, we recommend reaching out to Cisco for specific instructions. You can also contact our support team whenever you need assistance.
Allowlisting Cisco Ironport
To allowlist CanIPhish in Cisco Ironport, do the following:
- From the Cisco Ironport admin console, navigate to the Mail Policies tab.
- Select HAT Overview. Please ensure that InboundMail lister is selected.
- Click WHITELIST. If you do not see WHITELIST, you can create your own group named "WHITELIST".
- Click Add Sender and add our IPs or hostnames. For the most up-to-date list of our IP addresses and hostnames, see our Allowlisting Quick Reference article.
- Click Submit and then Commit Changes.
Skipping Outbreak Filter Scanning
The instructions above for allowlisting Cisco Ironport do not prevent Ironport's Outbreak Filter from scanning emails from our IPs or hostnames. If you are experiencing issues with our emails being quarantined, you may also need to set our IPs or hostnames to bypass this filter.
To skip Outbreak Filter Scanning, do the following:
- From your Cisco Ironport admin console, navigate to the Mail Policies tab.
- Under the Message Modification section, enter our IP addresses or hostnames in the Bypass Domain Scanning table. For the most up-to-date list of our IP addresses and hostnames, see our Allowlisting Quick Reference article.
- Click Submit and then Commit Changes.
Troubleshooting
If Cisco Ironport is flagging CanIPhish's simulating phishing emails as spam or removing attachments from these emails, you may need to troubleshoot further in Cisco Ironport.
For a potential troubleshooting method, see the steps below. If you don't see the solution you're looking for, we recommend reaching out to Cisco Ironport for assistance.
- Create an individual HAT Mail Flow Policy specifically for CanIPhish.
- In this policy, disable Spam Detection and Virus Protection. For more information, see Cisco Ironport's Mail Flow Policy documentation.
- Add a sender group for our IP addresses or hostnames. For the most up-to-date list of our IP addresses and hostnames, see our Allowlisting Quick Reference article.
- Apply the policy to the sender group. For more information, see Cisco Ironport's Message Handing documentation.
Note: If you're using Cisco Ironport in front of M365, and still have M365 email security protections enabled, please contact the CanIPhish team for support. In this case, you may need to allowlist Cisco Ironport IPs instead of CanIPhish. To ensure this is done correctly, the CanIPhish support team will lend a helping hand.
Comments
0 comments
Please sign in to leave a comment.