Whitelist Data and Links
IMPORTANT: Before you begin phishing and training your users, you must whitelist!
It is extremely important that you whitelist us in order to prevent our Phishing Security Test (PST) emails and Training Notifications from being blocked or filtered into your spam folder.
We recommend whitelisting our IP addresses in your mail server if you're not using a cloud-based spam filter. If you are using a cloud-based spam filter, you will need to whitelist by email header in your mail server and whitelist by IP address in your spam filter.
If you find that you are unable to whitelist IP addresses for whatever reason, you can whitelist our mail server domains instead.
Note:
If whitelisting by IP, be sure you are using the proper information depending on where your account is located.
For KnowBe4 Accounts Located At Training.KnowBe4.com
|
IP Addresses: |
Training.KnowBe4.com Domains: |
Messages allowed: |
|
23.21.109.197 23.21.109.212 |
phishtest.knowbe4.com |
KnowBe4 Simulated Phishing emails |
|
192.254.121.248 |
o2.pstemail.knowbe4.com pstemail.knowbe4.com |
KnowBe4 Training emails |
For KnowBe4 Accounts Located At EU.KnowBe4.com
|
IP Addresses: |
EU.KnowBe4.com Domains: |
Messages allowed: |
|
52.49.201.246 52.49.235.189 |
eu-phishtest.knowbe4.com |
KnowBe4 Simulated Phishing emails |
|
192.254.121.248 |
o2.pstemail.knowbe4.com pstemail.knowbe4.com |
KnowBe4 Training emails |
Note:
Be careful not to over-whitelist. It is not necessary to whitelist both the IP addresses and Domains.
Whitelist by Email Header
If your mail server requires you to whitelist our Email Header (for instance, if you are using a cloud-based spam filter), you can find that here:
Email Header:
X-PHISHTEST
Email Header Text:
This is a phishing security test from KnowBe4 that has been authorized by the recipient organization
Adding KnowBe4 to Your SPF Records
Although generally not necessary, if you'd like to add KnowBe4 to your SPF records you can do so. We have steps to do so located here: Adding KnowBe4 to your SPF records
Common Mail Servers and Filters
Do you need assistance with setting up whitelisting? The steps that need to be taken will vary across different email clients, servers, and internet security platforms. Here are some articles that may be helpful:
Exchange 2007/2010:
-Setting up an IP Allow List in Exchange 2007
-Setting up an IP Allow List in Exchange 2010
-Creating Transport Rules in Exchange 2010
-Whitelisting by Header in Exchange 2010
Exchange 2013, 2016, & Office 365:
-Exchange 2013, 2016, & Office 365 (Whitelist by IP Addresses)
-Exchange 2013, 2016, & Office 365 (Whitelist by Email Header)
-Exchange 2013 Add-IPAllowListEntry (Command Line)
-Focused Inbox on Outlook or Office 365 (PowerShell)
G Suite/Google Apps:
-Whitelisting by IP Address in GSuite/Google Apps
-Whitelisting by Email Header in GSuite/Google Apps
Note: If you're using GSuite, you will also need to follow the steps in this article to disable the return-path header on KnowBe4 phishing tests.
Other Common Email/Web Filters:
-Whitelisting in Cisco Ironport
-Whitelisting in Forcepoint (Websense)
-Whitelisting in Forefront Protection for Exchange
-Whitelisting in Fortinet FortiGate
-Whitelisting in McAfee/MX Logic
-Whitelisting in Securence: Securence has whitelisted our IP addresses in their system globally, so you do not have to whitelist us there.
-Whitelisting in Symantec.Cloud/MessageLabs
-Whitelisting in Mailprotector: Mailprotector has whitelisted our IP addresses in their system globally, so you do not have to whitelist us there.
Link Testing and Intent Analysis
Some common email filtering and anti-spam services (such as Barracuda, Symantec, Websense, MessageLabs, etc.) will sometimes have link-following or link inspection options. These services may follow links found in incoming messages, resulting in skewed or 100% clickthrough rates. You should whitelist us, exempt them from or disable these features for the duration of the test. More information can be found here.
Using a 3rd Party Hosted Spam/Content Filter?
If you cannot add our whitelist data or your third-party solution impacts deliverability of the PST emails, we are able to establish direct routes to your mail server to bypass that filtering. Just ask our technical support staff about the option of smart hosting, and they can assist you. Submit a ticket here.
If you are using Exchange 2016, you may find Scenario 3 on this article helpful after speaking with our support team. Scenarios for Custom Receive Connectors in Exchange 2016
Email from KnowBe4 Employees Going to Junk or Spam?
Occasionally, we may send you notifications about updates to the system (new features, templates, etc.), or our employees may check in with you to see how things are. If you'd like to ensure these emails will make it through without going into Junk or Spam, you can whitelist emails coming from knowbe4.com and knowbe4.mail.intercom.io
If you're using Office 365, we have instructions on how to set this up: Whitelisting emails from KnowBe4 in Office 365
Comments
0 comments
Article is closed for comments.