Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Português (Portugal) Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

Whitelisting in SpamAssassin

Updated:

Created:

How to Whitelist in SpamAssassin

If you're utilizing SpamAssassin's spam filtering, you can whitelist KnowBe4 to allow our simulated phishing test emails and training notifications through to your end users.
Although there is typically not an interface for SpamAssassin, you can edit your custom SpamAssassin config file to add rules allowing KnowBe4's emails through–based on the header and IP address of the phishing tests.

The instructions below are for a third-party software. If you run into issues whitelisting KnowBe4 in SpamAssassin, we recommend reaching out to SpamAssassin for specific instructions. You can also contact our support team whenever you need assistance.

Below you can see the rules you'll want to add. Please make sure to substitute the text in red with our IP addresses. For the most up-to-date list of our IP addresses, please see this article.
NOTE: This rule set contains lines for both our US and EU IP addresses, you'll only need to include the IPs for the server where your account resides.

header           __KNOWBE4_HEADER               X-PHISHTEST =~ /\bKnowBe4\b/i
header           __KNOWBE4_RCVD_US_001     Received =~ /\[xx\.xx\.xxx\.xxx\]/
header           __KNOWBE4_RCVD_US_002     Received =~ /\[xx\.xx\.xxx\.xxx\]/
header           __KNOWBE4_RCVD_US_003     Received =~ /\[xx\.xxx\.xxx\.xxx\]/
meta              __KNOWBE4_RCVD_US              (__KNOWBE4_RCVD_US_001 || __KNOWBE4_RCVD_US_002 || __KNOWBE4_RCVD_US_003)

header           __KNOWBE4_RCVD_EU_001      Received =~ /\[xx\.xx\.xxx\.xxx\]/
header           __KNOWBE4_RCVD_EU_002      Received =~ /\[xx\.xx\.xxx\.xxx\]/
header           __KNOWBE4_RCVD_EU_003      Received =~ /\[xxx\.xxx\.xxx\.xxx\]/
meta              __KNOWBE4_RCVD_EU               (__KNOWBE4_RCVD_EU_001 || __KNOWBE4_RCVD_EU_002 || __KNOWBE4_RCVD_EU_003)

meta              KNOWBE4                                    (__KNOWBE4_HEADER && (__KNOWBE4_RCVD_US || __KNOWBE4_RCVD_EU))

describe         KNOWBE4                                   Mail is from KnowBe4
score              KNOWBE4                                   -20.0

 

Note:

After following this article, we recommend setting up a test phishing campaign to 1-2 users to ensure your whitelisting was successful. As a last resource, we suggest reaching out to your service provider for assistance. Visit here for an email template you can send to your service provider.

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles