Ability to import domains, change default [[domain]] variableAnswered
Would like to be able to change the default [[domain]] to send from in our account settings so we can use alttlds, homoglyphs, and suffixed domains that look alike to our real one.
Right now I have to manually edit each template that uses [[domain]] to a domain that we own. I have also edited the SPF record to pass checks for KnowBe4's servers to send on our behalf on the domains I change them to. Would like to be able to change it all in one go rather than manually edit each email template.
Thank you for the feedback
It looks like this feature is in place! You can override the domain placeholder by editing that in your account settings.
This will allow you to modify the domain that the email is appearing to send from with your email templates.Comment actions
Thank you for providing this feedback! Regarding adding additional domains to your account: any domain that your organization owns and controls can be added to your account. You can submit a request to our support team for additional domains to be added to your account by emailing Support@KnowBe4.com or by clicking here to submit a ticket.
However, with that being said, the [[domain]] placeholder automatically populates the domain of whoever is receiving the email. Please see this short article for everything you need to know about How The [[Domain]] Placeholder Works.
I've submitted a feature request on your behalf for the ability to specify an account-wide domain to be spoofed whenever the [[domain]] placeholder is in use. Our Development team reviews these feature requests, and we base much of our development on customer feedback. I hope this fully addresses your request! Feel free to submit a support ticket if you have any questions!
I want to second this feature, and I think its a very important one. We carefully control what kind of email gets through to our users and, with the exception of KnowBe4 emails, other outside senders who attempt to send us email spoofing our domain will be blocked. While we realize there is a real risk of insider attacks that could spoof our domain, it becomes very burdensome for IT if users are too carefully questioning routine emails sent from our domain to them. Accordingly, we tell them they can generally trust these emails. If we can't change the default [[domain]], than we can't use several libraries for automated campaigns that include domain spoofing emails. We can block these emails like other ones on our firewall, but then the user isn't properly tested. We'd like to be able to provide a misspelling of our domain name that can be used in domain spoofing emails, which represents a much more realistic attack that may be faced by our users.
Alternatively, there's another request on this forum that would allow us to filter these types of email out by attribute. This would be an acceptable workaround for us.
The easiest alternative would be to simply put the domain spoofing emails in their own categories. This would require no new platform features be implemented. I'm going to open a ticket for this.
Thanks for the detailed insight on this! I think this is great idea as well and the details you provided will all be very helpful in providing this to our developers and product team. I've included the details for them to review further. For now, I see you already made a ticket that was addressed on this but if you require more help feel free to reach out for more support at any time by any means in our help center (call, email, manual ticket request, here too)
If you need assistance switching those primary domains to the subdomains go ahead and open a ticket here and we'd be glad to assist in helping you do that! Or just let me or your CSM know and we'd be glad to create tickets on your behalf.
We appreciate the post!
Please forgive me. I thought that this was how it was supposed to work... when I read the info on it. I must be blind. I am unable to locate the Enable [[domain]] placeholder override in my account settings. I have gone through the list of settings multiple times and cannot locate it.
Where should I find this in the list of settings?
Well, I am thinking my need to see the eye doctor is of great importance. I just found the setting. However, I still have a question why when I didn't have this override setting in place did it not send the phishing email tests using "my email address domain" which is different than the primary domain?
I'm not 100% sure why you saw that behavior. If you continue to see it I'd love to get you a support ticket so that we can address further.
To clarify how the item works, the behavior of emails with the [domain] placeholder will mimic the recipient's domain rather than just the primary domain on the account. This is in the event you want to send the same template to multiple divisions or groups who may have different domains.
Let me know if that makes any sense!
Hey Back Doug!
That is exactly what I would have expected. However, that is not what resulted. See a snapshot of the test. My email domain is carmeuse.com. Until I discovered the Phishing section in the Account setup that you mentioned above to override the domain (that was not checked).. I had to amend all of the templates that I sent out last. night. At least now I have the primary domain adjusted to carmeuse.com that will work for 95% of what I need to do until this is corrected.
Thanks for looking at this with me.
Please sign in to leave a comment.