Whitelist Data and Anti-Spam Filtering
Before you can begin phishing and training your users, you'll need to whitelist KnowBe4 to ensure that our training notifications and simulated phishing security tests (PSTs) successfully reach your users' inboxes. If you don't whitelist our emails properly, they may be blocked or filtered by your mail server or spam filter.
See the sections below for information about whitelisting and anti-spam filtering.
Jump to:
Whitelisting Best Practices
KnowBe4's IP Addresses, Hostnames, and Headers
- Adding KnowBe4 to Your SPF Records
- Adding DKIM Signatures
- Avoiding Link Testing and Intent Analysis
- Using Smart Hosting
Whitelisting Best Practices
The whitelisting methods that you'll need to use depend on your organization's mail server and spam filter.
When you whitelist our emails, we recommend that you follow the best practices listed below:
- If you don't have a cloud-based spam filter, we recommend that you whitelist either our IP addresses or our hostnames in your mail server. For information about whitelisting your mail server, see the Whitelist Your Mail Servers section below.
Note: You don't need to whitelist both IP addresses and hostnames.
- If you have a cloud-based spam filter, we recommend that you whitelist by email header in your mail server and whitelist by IP address or hostname in your spam filter. For information, see the Whitelisting Your Mail Servers and Whitelisting Your Email and Web Filters sections below.
Note: You don't need to whitelist both IP addresses and hostnames.
To see which method is best for your organization, you can use our Whitelisting Wizard.
KnowBe4's IP Addresses, Hostnames, and Headers
See below for a list of our IP addresses or hostnames, and headers. You'll need this information to whitelist your organization's mail server and spam filter.
Note: We recommend that you don't whitelist by both IP address and header in your mail server. If you're unsure which method to use, see our Whitelisting Wizard to find out which whitelisting method is best for your organization.
For accounts located at training.knowbe4.com, ca.knowbe4.com, uk.knowbe4.com, and de.knowbe4.com, see the table below:
|
IP Addresses |
Messages Sent |
|
147.160.167.0/26 Note: "/26" indicates the IP range 147.160.167.0 - 147.160.167.63. If your whitelisting provider doesn't allow for an IP range, each IP in this range will need to be entered individually. For more information, see Microsoft's Understand TCP/IP addressing and subnetting basics article.
|
|
|
23.21.109.197 23.21.109.212 |
|
|
Hostnames |
Messages Sent |
|
psm.knowbe4.com |
|
|
PST Email Header |
Email Header Text |
|
X-PHISHTEST Note: X-PHISHTEST is the default header. If you're using a custom header or header token, you could whitelist by that header. For information on creating a custom header or header token, see our How to Edit Your Account Settings article.
|
This is a phishing security test from KnowBe4 that has been authorized by the recipient organization. |
For accounts located at eu.knowbe4.com, see the table below:
|
IP Addresses |
Messages Sent |
|
147.160.167.0/26 Note: "/26" indicates the IP range 147.160.167.0 - 147.160.167.63. If your whitelisting provider doesn't allow for an IP range, each IP in this range will need to be entered individually. For more information, see Microsoft's Understand TCP/IP addressing and subnetting basics article.
|
|
|
52.49.201.246 52.49.235.189 23.21.109.197 23.21.109.212 |
|
|
Hostnames |
Messages Sent |
|
psm.knowbe4.com |
|
|
PST Email Header |
Email Header Text |
|
X-PHISHTEST Note: X-PHISHTEST is the default header. If you're using a custom header or header token, you could whitelist by that header. For information on creating a custom header or header token, see our How to Edit Your Account Settings article.
|
This is a phishing security test from KnowBe4 that has been authorized by the recipient organization. |
Whitelisting Your Mail Server
See below for a list of articles that can help you whitelist your organization's mail server. When you whitelist by following the instructions in these articles, you'll need our IP addresses, hostnames, or header information.
Note: If you don't see your mail server listed below, contact our support team for assistance.
If your mail server is Microsoft 365, see the articles listed below:
- How to Use Advanced Delivery Policies in Microsoft 365
- Direct Message Injection (DMI) Configuration Guide
- Exchange 2013, 2016, & Microsoft 365 (Whitelist by Email Header)
- Whitelisting Training Notifications in Microsoft 365 (Whitelist by Email Header)
- Configure Focused Inbox on Outlook or Microsoft 365 (PowerShell)
If your mail server is Exchange 2007 or 2010, see the articles listed below:
If your mail server is Exchange 2013, 2016, or 2019, see the articles listed below:
- Exchange 2013 and 2016 (Whitelist by IP Addresses)
- Exchange 2013, 2016, & Microsoft 365 (Whitelist by Email Header)
- Exchange 2013 Add-IPAllowListEntry (Command Line)
If your mail server is Google Workspace, see the articles listed below:
- Whitelisting by IP Address in Google Workspace
- Whitelisting by Email Header in Google Workspace
- Whitelisting by Content Compliance in Google Workspace
- Direct Message Injection (DMI) Configuration Guide
Whitelisting Your Spam Filter
See below for a list of articles that can help you whitelist your spam filter. When you whitelist by following the instructions in these articles, you'll need our IP addresses, hostnames, or header information.
Note: If you're whitelisting for endpoint web filtering, you may need a list of our phishing and landing domains. For a list of these domains, contact our support team.
- Whitelisting in AppRiver
- Whitelisting for Avanan in Microsoft 365 and Google Workspace
- Whitelisting in Barracuda
- Whitelisting in Cisco Ironport
- Whitelisting in EdgeWave
- Creating an allowed senders filter list
- Whitelisting in Fortinet FortiGate
- Whitelisting in McAfee/MX Logic
- Whitelisting in Mimecast
- Whitelisting in Proofpoint
- Whitelisting in SonicWall
- Whitelisting in Sophos
- Whitelisting in SpamAssassin
- Whitelisting in Symantec.Cloud/MessageLabs
- Whitelisting in TrendMicro
- Whitelisting in VIPRE
Note: Your spam filter may use rate limiting, which can slow or block the delivery of our PSTs. We recommend that you review the rate-limiting rules for your spam filter to make sure that our PSTs will reach your users’ inboxes.
Running a Test Campaign
Once you've whitelisted by using the recommendations above or by using our Whitelisting Wizard, we recommend creating a test phishing campaign to make sure your whitelisting is working properly.
We recommend that you include only yourself or a small group of users in this campaign. Then, you or the users in the campaign will need to confirm that you've received the PST from the campaign. Finally, you'll need to have a user click a simulated phishing link in the PST to make sure clicks are being tracked successfully. For more information about creating phishing campaigns, see our Creating and Managing Phishing Campaigns article.
Additional Configurations
Once you've whitelisted by following our recommendations, there are additional configurations that you may need to use to whitelist. For more information, see the subsections below.
Adding KnowBe4 to Your SPF Records
To allow KnowBe4 to send PSTs on your behalf, you can add KnowBe4 to your Sender Policy Framework (SPF) records. For more information, see our Adding KnowBe4 to Your Sender Policy Framework (SPF) Records article.
Adding DKIM Signatures
All of our training notifications include a DomainKeys Identified Mail (DKIM) signature automatically. For accounts in the US, the signing domain is training.knowbe4.com and for accounts in the EU, the signing domain is eu.knowbe4.com.
You can also add a DKIM signature to our PSTs. For more information, see our How to Enable and Customize DKIM Signatures article.
Avoiding Link Testing and Intent Analysis
Sometimes, common spam filters such as Barracuda, Symantec, Websense, and MessageLabs will have link-following or link-inspection options. If enabled, these options may result in skewed click-through rates or click-through rates showing 100%.
You can whitelist or exempt our emails from being affected by these options. You can also disable these options for the duration of a phishing campaign. For more information, see our Showing 100% Click Through on Phishing Tests article.
Using Smart Hosting
If you can't whitelist our mail servers or your spam filter impacts the delivery of PSTs, you can allow our emails to bypass your spam filter by using smart hosting. For more information, see our Smart Hosting for Phishing Security Tests article.
Troubleshooting
If you're experiencing issues with whitelisting, we recommend that you see our Whitelisting Wizard Troubleshooting Guide. Additionally, see the subsections below for troubleshooting situations that can help you.
If you don't see the issue you're looking for, contact our support team for assistance.
Email from KnowBe4 Sent to Junk or Spam
We may send you emails about updates to our products, such as new features and templates, or our employees may check in with you to see how things are going. To make sure these emails aren’t sent to your Junk or Spam folder, you can whitelist emails from knowbe4.com and knowbe4.mail.intercom.io.
If you're using Microsoft 365, see our Whitelisting emails from KnowBe4 in Microsoft 365 article for more information. If you’re using Google Workspace, see our Whitelisting by IP Address in Google Workspace article for more information.
Third-Party Whitelisting Assistance
Our support team will provide whitelisting assistance as much as possible. However, because there are many different spam-filtering services and mail server providers, we recommend that you contact your service provider for assistance.
If you would like, you can use the template below to send a request to your service provider's support team:
Our organization uses KnowBe4, a security awareness training platform that provides simulated phishing tests and training for our employees. We would like to whitelist all of KnowBe4’s simulated phishing tests and training notifications to ensure they successfully reach our employees' inboxes. Please provide us with any whitelisting assistance that may help.
Comments
0 comments
Article is closed for comments.