How to Whitelist by Content Compliance in Google Workspace and Google Apps
The instructions below show you how to whitelist KnowBe4's simulated phishing emails and training notifications by content compliance in your GSuite environment. This article reflects our most up-to-date best practices for whitelisting with your provider. Please be aware that your mail service provider may make changes to how their systems analyze our emails at any time. If you are having issues whitelisting using the procedure below, please contact our support team and they will be happy to assist you.
Content compliance is an alternative method to whitelisting by IP address in our Whitelisting by IP address in GSuite and Google Apps article. Use the method below if you have an existing inbound gateway to use the content compliance rule or if you are unable to configure the inbound gateway.
This method of whitelisting is a two-part process. Use the jump links below to navigate to each part:
- Part 1: Add KnowBe4's IP addresses to Email Whitelist
- Part 2: Enabling Whitelisting by Content Compliance
Part 1: Add KnowBe4's IP addresses to Google's Email Whitelist
Below are instructions on how to set up your IP allow list for Google Workspace and Google Apps. These instructions were gathered from Google's Email Whitelist in Google Workspace article.
- Log in to https://admin.google.com and select Apps.
- Select Google Workspace.
- Select Gmail.
- Select Spam, Phishing and Malware.
- Under the Organizational Unit section, highlight your domain. Do not select a sub-organizational unit (OU).
Note: Google Workspace does not allow whitelisting by IP Address for individual OUs, only the entire domain.
- In the Email whitelist section, enter our IP addresses separated by commas. For the most up-to-date list of our IP addresses, please see this article.
- Click Save.
Part 2: Enabling Whitelisting by Content Compliance
Below are instructions to whitelist by content compliance policy. The instructions provided were gathered from Google’s Set up rules for content compliance article.
- Log in to https://admin.google.com and select Apps.
- Select Google Workspace
- Select Gmail.
- Select Compliance.
- Scroll down to the Content compliance section. Click Add a Rule.
- Configure the Content compliance rules using the settings below.
- Select the Inbound checkbox under Email Messages to Affect.
- Under the If ANY of the following match the message, create the following expression:
- Set the first expression to Metadata match.
- Set the Attribute to Source IP.
- Set the Match type to Source IP is within the following range.
- Add one of KnowBe4's IP addresses in the Source IP is within the following range field. For the most up-to-date list of our IP addresses, please see this article.
- Click Save.
- Repeat the three steps above for each of our IP addresses.
-
- Add another expression under If ANY of the following match the message with the settings defined below:
- Select Advanced content match from the first drop-down.
- Set the Location to Full headers.
- Set the Match type to Contains text.
- Set the Content to X-PHISHTEST TOKEN.
- Click Save.
- Add another expression under If ANY of the following match the message with the settings defined below:
- Check the following checkboxes under If the above expressions match, do the following.
- Under Spam, select Bypass spam filter for this message.
- Under Encryption, select Require secure transport (TLS).
We recommend setting up a test phishing campaign for yourself or a small group of users after you follow the steps in this procedure to ensure your whitelisting was successful. The setting may take up to an hour to propagate to all users, so wait at least an hour before testing.
Comments
0 comments
Article is closed for comments.