Google Workspace Allowlisting Guide
The Google Workspace Allowlisting Guide for Phin's platform provides detailed instructions for administrators to whitelist specific dedicated sending domains and IP addresses related to phishing emails and training reminders, including steps to add these to approved sender lists, configure spam filter bypass options, and set up content compliance rules within the Google Admin portal to ensure proper email delivery and handling.
Allowlisting Guide for Google Mailboxes on Phin's Platform
Step 1: Allowlisting Domains
Follow the instructions from Google to add the dedicated domains to your approved senders list in Google Workspace. You will need to create an address list with the domains listed below.
Dedicated sending domains:
- phinsecurity.com
- notificationhandler.com
- amazingdealz.net
- coronacouncil.org
- couponstash.net
- creditsafetyteam.com
- shippingalerts.com
- berrysupply.net
- autheticate.com
- betterphish.com
Step 2: Allowlisting IPs
Follow the instructions from Google to add the dedicated sending IPs below to your Google Workspace allowlist.
Dedicated sending IPs:
- Phishing emails: 198.244.59.179, 35.237.125.73
- Training & Reminders: 198.2.177.227, 198.2.178.214
Note: It is up to you as the admin to determine the level of bypass you want to implement. For example, the following options bypass spam filters similarly, but their messaging is different, as one hides suspicious email warnings:
- Bypass spam filters and hide warnings for messages from senders or domains in selected lists
- Bypass spam filters for messages from senders or domains in selected lists
Step 3: Whitelist by Content Compliance in Google Workspace
Follow the instructions from Google to add the dedicated sending IPs below to your Google Workspace allowlist.
- 1.Log in to your Google Admin portal and select Apps.
- 2.Select Google Workspace.
- 3.In the Showing status for apps in all organizational units area, click Gmail.
- 4.In the Gmail area, click Compliance.
- 5.Navigate to the Content compliance section.
- 6.Click Configure. (Note: If you have previously created a content compliance rule, this option will be called Add Another Rule.)
- 7.After you click Configure or Add Another Rule, configure your content compliance by following the steps below:
- 1.In the Email Messages to Affect area, select the Inbound check box.
- 2.In the If ANY of the following match the message area, create an expression with the following settings:
- 1.From the first drop-down menu, select Metadata match.
- 2.From the Attribute dropdown menu, select Source IP.
- 3.From the Match type drop-down menu, select Source IP is within the following range.
- 4.In the Source IP, which is within the following range field, enter one of Phin's IP addresses. For the most up-to-date list of IP addresses, see the Phin Security documentation.
- 5.Click Save.
- 3.Repeat the three steps above for each of the IP addresses.
- 4.In the If ANY of the following match the message section, add another expression with the settings below:
- 1.From the first drop-down menu, select Advanced content match.
- 2.From the Location drop-down menu, select Full headers.
- 3.From the Match type drop-down menu, select Contains text.
- 4.In the Content field, enter your custom header. (See Phin Security documentation for how to enable a custom header.)
- 5.Click Save.
- 5.In the If the above expressions match, do the following area, select the check boxes below:
- 1.Under Spam, select the Bypass spam filter for this message check box.
We recommend setting up a test phishing campaign for yourself or a small group of users. This test phishing campaign can help ensure that your whitelisting was successful. The setting may take up to an hour to deploy to all users, so wait at least an hour before testing.