How to Whitelist in Proofpoint

If you're using Proofpoint Essential's spam filtering or Proofpoint Enterprise's Allowlist, you can whitelist KnowBe4 to allow our simulated phishing test emails and training notifications through to your end users. 

The instructions below are for third-party software. If you run into issues whitelisting KnowBe4 in Proofpoint, we recommend reaching out to Proofpoint for specific instructions. You can also contact our support team whenever you need assistance.

Jump to:

Whitelisting in Proofpoint Essentials
Whitelisting in Proofpoint Enterprise
How to Prevent Proofpoint from Bouncing Emails
What to Do If Your Emails are Going to Spam

Whitelisting in Proofpoint Essentials

When you're ready to whitelist in Proofpoint Essentials, follow the below instructions. These instructions were gathered from Proofpoint's Safelisting Addresses article.

1. 1. Navigate to Security Settings > Email > Sender Lists.
   2. Under the Safe Sender list, enter our IP addresses. Please see our Whitelisting Data and Anti-Spam Filtering Information article for a full list of our IP addresses.
   3. Click Save.

If you have issues with attachment-related emails, see Proofpoint's article on Blocks by Default.

Back to Top

Whitelisting in Proofpoint Enterprise

To whitelist in Proofpoint Enterprise, follow the below instructions. If you experience any issues with these steps, please contact our support team for assistance.

1. Navigate to your Proofpoint Enterprise Admin console.
2. Click Email Protection.
3. Under the Spam Detection drop-down, select Organizational Safe List.
4. Click Add.
5. In the Proofpoint - Global Safe List window, enter the following information:
   • Filter Type: From the drop-down menu, select Sender Hostname.
   • Operator: From the drop-down menu, select Equals.
   • Value: In the field, enter the IP addresses listed in our Whitelisting Data and Anti-Spam Filtering Information article.
6. Click Save Changes.

To avoid potential issues with Proofpoint’s Targeted Attack Protection, we suggest that you add KnowBe4’s IP addresses to Proofpoint’s URL Defense. To add KnowBe4's IP addresses to Proofpoint's URL Defense, follow the steps below:

1. Navigate to your Proofpoint Essentials Admin console.
2. Click Email Protection.
3. Under the Targeted Attack Protection drop-down, select URL Defense.
4. Click URL Rewrite Policies.
5. Under the Exceptions section, enter the IP addresses listed in our Whitelisting Data and Anti-Spam Filtering Information article.
6. Click Save Changes.

Back to Top

How to Prevent Proofpoint from Bouncing Emails 

If some of your phishing security test (PST) emails are bouncing with an error message of 
"Sender address rejected: Domain not found (in reply to RCPT TO command)",
follow the instructions below to resolve this issue.

1. From your KnowBe4 console, click your email address in the top right corner and select Account Settings.
2. Navigate to the Phishing Settings section.
3. Check that the Overwrite Fixed Return-path Address with Sender Address option is not enabled (see below).
   
4. Be sure to save this change by clicking the Save Changes button at the bottom of the page.
5. To confirm this change will prevent Proofpoint from causing your PST emails to bounce, we recommend you test this change. You can do this by sending a test campaign to yourself or a limited number of users before sending it to a larger group. 

Back to Top

What to Do If Your Emails are Going to Spam

If your emails are being sent to spam or are being quarantined, you'll need to add KnowBe4 to the Organizational Safe List in Proofpoint.

Follow the instructions below to add KnowBe4's hostnames or IP addresses to the Organizational Safe List:

1. From your Proofpoint admin center, navigate to Email Protection > Spam Detection > Organizational Safe List.
2. Add either our hostnames or IP addresses. For the most up-to-date list of our IP addresses and hostnames, please see this article. 

Still need assistance? Submit a support ticket and we can help. 

Back to Top