Ability to import domains, change default [[domain]] variable




  • Official comment
    Lauren Ashley

    Hi Johnny!

    Thank you for providing this feedback! Regarding adding additional domains to your account: any domain that your organization owns and controls can be added to your account. You can submit a request to our support team for additional domains to be added to your account by emailing Support@KnowBe4.com or by clicking here to submit a ticket.

    However, with that being said, the [[domain]] placeholder automatically populates the domain of whoever is receiving the email. Please see this short article for everything you need to know about How The [[Domain]] Placeholder Works

    I've submitted a feature request on your behalf for the ability to specify an account-wide domain to be spoofed whenever the [[domain]] placeholder is in use. Our Development team reviews these feature requests, and we base much of our development on customer feedback. I hope this fully addresses your request! Feel free to submit a support ticket if you have any questions!

    Thanks again!

    Comment actions Permalink
  • Avatar
    Alex Rourke

    I want to second this feature, and I think its a very important one. We carefully control what kind of email gets through to our users and, with the exception of KnowBe4 emails, other outside senders who attempt to send us email spoofing our domain will be blocked. While we realize there is a real risk of insider attacks that could spoof our domain, it becomes very burdensome for IT if users are too carefully questioning routine emails sent from our domain to them. Accordingly, we tell them they can generally trust these emails. If we can't change the default [[domain]], than we can't use several libraries for automated campaigns that include domain spoofing emails. We can block these emails like other ones on our firewall, but then the user isn't properly tested. We'd like to be able to provide a misspelling of our domain name that can be used in domain spoofing emails, which represents a much more realistic attack that may be faced by our users.

    Alternatively, there's another request on this forum that would allow us to filter these types of email out by attribute. This would be an acceptable workaround for us.

    The easiest alternative would be to simply put the domain spoofing emails in their own categories. This would require no new platform features be implemented. I'm going to open a ticket for this.

    Comment actions Permalink
  • Avatar

    Hey Alex,

    Thanks for the detailed insight on this! I think this is great idea as well and the details you provided will all be very helpful in providing this to our developers and product team. I've included the details for them to review further. For now, I see you already made a ticket that was addressed on this but if you require more help feel free to reach out for more support at any time by any means in our help center (call, email, manual ticket request, here too)




    Comment actions Permalink

Please sign in to leave a comment.