Skip to main content
Skip table of contents

Google Workspace whitelisting instructions

Read this article in: English, Deutsch, Dutch, French

In this article, we’ll show you how to make sure that SoSafe’s simulated phishing emails will reach your users' inboxes. In addition, we will explain how you can prevent Google from showing a warning related to those emails.

All SoSafe-related information you will need to enter can be found in the Manager (Settings / Whitelisting).

Whitelisting SoSafe IP addresses

If you need more detailed information, check out Google’s support article.

  1. Log in at https://admin.google.com and select Apps, followed by Overview

  2. Select Google Workspace, followed by Gmail

  3. Select Spam, phishing and malware to expand this section

  4. Add the IPv4 addresses shown in the SoSafe Manager (see above) under SoSafe mail servers. Separate each address with a comma. Select Save to confirm.

  5. At this stage, we recommend using the Send test emails button on the Whitelisting page in the SoSafe Manager. However, it make take some time for the whitelisting changes to be applied.

Setting up spam filters

We need to prevent the simulated phishing emails from being classified as spam.

  1. Navigate to the Spam, phishing and malware page on https://admin.google.com, as outlined above

  2. Under Spam, select Edit and give your filter a name, e.g. SoSafe2

  3. Make sure that Bypass spam filters for internal senders, Bypass spam filters for messages from addresses or domains in selected lists and Bypass spam filters and hide warnings for messages from senders or domains in selected lists are all checked

  4. Select Create or edit list under Bypass spam filters for messages from senders or domains in selected lists add the SoSafe mail servers (as above) but also all email addresses listed under Envelope sender addresses (technical senders) on the same page. Make sure that Authentication required (received mail only) is disabled.

  5. For the next section, called Bypass spam filters and hide warnings for messages from senders or domains in selected lists, you can select Use existing list

  6. Select Save to confirm

GoogleWorkspaceSpam.png

Disable warning banners

Without making further changes, Google will likely show the following warnings for simulated phishing emails:

Google-Warning1.png
Google-Warning2.png

  1. To change this, log in at https://admin.google.com and select Apps, followed by Overview

  2. Select Google Workspace, followed by Gmail

  3. Select Spam, phishing and malware to expand this section

  4. Scroll to Inbound gateway, hover your mouse over the settings and select Edit. A new dialog will open.

  5. Adjust the settings as follows

    1. Add the SoSafe mail server IPs to Gateway IPs

    2. Make sure Reject all mail not from gateway IPs is not checked

    3. Check Require TLS for connections from the email gateways listed above

    4. Under Message tagging, you must enter a string of text that will in all likelihood not be contained in an actual email. One example would bekzndsfgklinjvsdnfioasmnfsmf.

    5. Check  Disable Gmail spam evaluation on mail from this gateway; only use header value

  6. Select Save to confirm

Google-Inbound-Gateway.png

Inbound gateway settings

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close