Menu

Whitelisting Data and Anti-Spam Filtering Information

Avatar
Katie Brennan
Updated
Follow

Whitelist Data and Links

Before you begin phishing and training your users, you must whitelist. It is extremely important that you whitelist us in order to prevent our phishing security test emails and training notifications from being blocked or filtered into your Spam folder.

Jump to:
Whitelisting best practices
IP addresses and domain information
Whitelisting by email header
Adding KnowBe4 to your SPF records
Common mail servers
Common email and web filters
Link testing and intent analysis
Can't whitelist in an email filter? Try smart hosting.
Preventing emails from KnowBe4 employees from going to Junk/Spam

 

Whitelisting best practices

We recommend whitelisting our IP addresses in your mail server if you're not using a cloud-based spam filter.  If you are using a cloud-based spam filter, you will need to whitelist by email header in your mail server and whitelist by IP address in your spam filter.

If you find that you are unable to whitelist IP addresses for whatever reason, you can whitelist our mail server domains instead.

Take into consideration the various products or services you may be using in your mail or web environment to prevent issues with deliverability. Our support team is available for assistance.

Conduct a preliminary test campaign before your Baseline Phishing Test.

We recommend that you run at least one phishing campaign that is limited in scope to only one or two administrative users who can confirm receipt and tracking of clicks on phishing links. This should be done before the baseline test and will confirm that our phishing emails are getting through any spam/firewall protection.

As soon as you are done with your preliminary test, you should delete or hide the campaign so that it will not interfere with your reports or risk score.

Back to top

 

IP addresses and domain information

For accounts located at Training.KnowBe4.com:

 

IP addresses:

Training.KnowBe4.com

domains:

 

Messages allowed:

23.21.109.197       

23.21.109.212        

phishtest.knowbe4.com        

KnowBe4 simulated phishing emails

192.254.121.248        

o2.pstemail.knowbe4.com

pstemail.knowbe4.com

KnowBe4 Training emails    

 

For accounts located at EU.KnowBe4.com:

 

IP addresses:

EU.KnowBe4.com

domains:

 

Messages allowed:

52.49.201.246      

52.49.235.189        

eu-phishtest.knowbe4.com        

KnowBe4 Simulated Phishing emails

192.254.121.248        

o2.pstemail.knowbe4.com

pstemail.knowbe4.com

KnowBe4 Training emails    

Note:

Be careful not to over-whitelist. It is not necessary to whitelist both our IP addresses and our domains.

Back to top

 

Whitelist by email header

If your mail server requires you to whitelist our email header (for instance, if you are using a cloud-based spam filter), you can find that here:

Email Header:

X-PHISHTEST

Email Header Text:

This is a phishing security test from KnowBe4 that has been authorized by the recipient organization

Back to top

 

Adding KnowBe4 to your SPF records

Although generally not necessary, if you'd like to add KnowBe4 to your SPF records you can do so. We have steps to do so located here: Adding KnowBe4 to your SPF records

Back to top

 

Common mail servers

Do you need assistance with setting up whitelisting? The steps that need to be taken will vary across different email clients, servers, and internet security platforms. Here are some articles that may be helpful:

Exchange 2007/2010: 

Exchange 2013, 2016, & Office 365: 

GSuite/Google Apps:

If you're using GSuite, you will also need to follow the steps in this article to disable the return-path header on KnowBe4 phishing tests.

Back to top

 

Common email and web filters: 

Whitelisting in Proofpoint: Proofpoint has whitelisted our IP addresses and domains in their system globally, so you do not have to whitelist us there.

Whitelisting in Securence: Securence has whitelisted our IP addresses in their system globally, so you do not have to whitelist us there.

Whitelisting in Mailprotector: Mailprotector has whitelisted our IP addresses in their system globally, so you do not have to whitelist us there.

Back to top

 

Link testing and intent analysis

Some common email filtering and anti-spam services (such as Barracuda, Symantec, Websense, MessageLabs, etc.) will sometimes have link-following or link inspection options. These services may follow links found in incoming messages, resulting in skewed or 100% click-through rates. You can either whitelist/exempt our emails from being subject to these types of features/services or disable these features for the duration of a phishing test. More information can be found here

Back to top

 

Using a 3rd party hosted spam/content filter? Try smart hosting.

If you cannot add our whitelist data or your third-party solution impacts deliverability of the phishing emails, we are able to establish direct routes to your mail server to bypass that filtering. Just ask our technical support staff about the option of smart hosting, and they can assist you. Click here to submit a support ticket.

If you are using Exchange 2016, you may find Scenario 3 on this article helpful after speaking with our support team: Scenarios for Custom Receive Connectors in Exchange 2016

Back to top

 

Email from KnowBe4 employees going to Junk or Spam?

Occasionally, we may send you notifications about updates to the system (new features, templates, etc.), or our employees may check in with you to see how things are. If you'd like to ensure these emails will make it through without going into Junk or Spam, you can whitelist emails coming from knowbe4.com and knowbe4.mail.intercom.io

If you're using Office 365, we have instructions on how to set this up: 
Whitelisting emails from KnowBe4 in Office 365

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles