Description


To ensure that our phishing simulation emails are successfully delivered to your inbox and not flagged as spam, it's necessary to add our domain and IP address to the allow-list within your email provider settings 


Requirements


Access to allow list in either Microsoft / Google.

The Process


Microsoft 365:


Method #1 - Advanced Delivery Rules

  1. Log in to the Microsoft 365 Defender portal: Visit the Microsoft 365 Defender portal and log in with your administrator account.

  2. Navigate to "Policies & rules": Once logged in, go to the main menu and find "Policies & rules" in the left navigation pane.

  3. Click on "Threat policies": Click the "Threat policies" link in the list that appears.

  4. Select "Advanced delivery": Click "Advanced delivery". This section manages overrides for special system use cases. If this option is not available, go to Method #2 below.

  5. Go to the "Phishing simulations" tab: On the next page, click the "Phishing simulations" tab in the horizontal navigation bar.

  6. Add or edit policy: Now, you can either add a new policy or edit an existing one. Click the blue "Add" button to set up a new policy, or if a policy already exists, click the "Edit" button (represented by a pencil icon).

  7. Enter Guardz domain: In the "Domain" field, input "mailpercents.com" - the domain used by Guardz for phishing simulations.

  8. Enter Guardz sending IP: In the "Sending IP" field, input "149.72.40.178" - the IP address used by Guardz for sending the phishing simulations.

  9. Save your settings: After you've made all the necessary changes, make sure to save your settings to complete the setup. It may take up to 24 hours for these changes to take effect.


Method #2 - If the "Advanced delivery" Option is Not Available

  1. Click on "Anti-spam": On the same "Threat policies" page, under the "Policies" section, click on "Anti-spam".

  2. Access the connection filter policy: Click "Connection filter policy (Default)".

  3. Edit the connection filter policy: After opening the Connection filter policy, select "Edit connection filter policy". This allows you to adjust the settings for messages from different IP addresses.

  4. Add the IP to the allowlist: In the "Always allow messages from the following IP addresses or address range" section, enter the IP address 149.72.40.178. This is the IP address used by Guardz for sending phishing simulations.

  5. Save the connection filter policy:After entering the IP address, click the "Save" button to apply the changes. Make sure it is done correctly

  6. Navigate to transport rules: Now, navigate to the mail flow rules page in the Exchange admin center at https://admin.exchange.microsoft.com/#/transportrules.

  7. Create a new rule: Click "+ Add a rule" and then "Create a new rule".

    Configure the new rule:

    a) Name the rule (e.g., "Guardz Phishing Simulation").

    b) Select "Apply this rule if > The sender > IP address is in any of these ranges or exactly matches", and input the IP address 149.72.40.178 again.

    c) Select "Do the following > Modify the message properties > set a message header".

    d) In the line below, click on "Enter text" and set the message header "X-MS-Exchange-Organization-BypassClutter" to the value "true".

    e) Click the plus (+) button next to "Do the following" to add another action.

    f) In the new row that was added (under "And"), select "Do the following > Modify the message properties > set the spam confidence level (SCL)", make sure "Bypass spam filtering" is selected, and click on "Save".


  8. Review the rule: Click on "Next" twice, and review the rule - it should look like below:

  9. Save - Please note that it may take up to 24 hours for these changes to take effect.



Google:

  1. Log in to the Google Workspace Admin Console: Visit the Admin Console and log in with your administrator account.

  2. Navigate to Gmail settings: From the left side panel, select "Apps". In the dropdown menu, select "Google Workspace" then "Gmail".

  3. Access "Spam, Phishing, and Malware" settings: In the list of settings that appear, find and select "Spam, Phishing, and Malware".

  4. Add Guardz IP to "Email allowlist": Scroll down to the "Email allowlist" section. Click on it, and in the field provided, add the Guardz phishing simulation IP address: "149.72.40.178". After entering, click "Save".

  5. Configure "Inbound gateway": Scroll further to the "Inbound gateway" section. If it's not already enabled, click the "Enable" button. In the "Gateway IPs" list, add the same Guardz IP address: "149.72.40.178". Ensure that "Reject all mail not from gateway IPs" is unchecked. Click "Save".

  6. Do NOT check "Reject all mail not from gateway IPs": This is crucial, as checking this box without specifying all existing gateway IPs, if any, could halt all email delivery. Therefore, leave it unchecked unless you are certain of your settings.

  7. Disable Gmail spam evaluation for Guardz phishing simulation IP: Under "Message Tagging", check the box for "Message is considered spam if the following header regexp matches". In the "Regexp" field, enter some unique text value (e.g., "guardzsomeuniquestring"). Additionally, tick the box for "Disable Gmail spam evaluation on mail from this gateway; only use header value", which will now apply to the Guardz IP address. Click "Save".

  8. Bypass spam filters for Guardz phishing simulation domain: Scroll to the "Spam" section and click "Configure", or "ADD ANOTHER RULE" if rules already exist. Check the box for "Bypass spam filters for messages from senders or domains in selected lists". Then, click "Create or edit list". In the address list, add "mailpercents.com", the domain used by Guardz. After creating the address list, go back and now select "Use existing list" and select the list you just created.

  9. Save your settings: Clicking the "Save" button at the bottom of the page.

    Please note that it may take up to 24 hours for these changes to fully propagate throughout Google's systems.