If you're using Google Workspace in your organization, you can also whitelist by email header. To whitelist by email header, you'll need to apply a Content Compliance rule to emails that contain ATTACK Simulator's email header. With this rule, our fake phishing emails will be allowed to reach your users' inboxes.


This setting is only recommended if your organization uses a cloud-based spam filter for Google Workspace. If you use Google Workspace for email and don't have an additional spam filter, you can whitelist by IP address instead. More information can be found in our article Whitelisting by IP Address in Google Workspace. To ensure that emails are delivered successfully, whitelist ATTACK Simulator's IP address or hostnames in your cloud-based spam filter.


You can whitelist ATTACK Simulator by email header in Google Workspace by following the following steps:


1. Access Google Workspace Admin console console and click Apps.

2. Go to Google Workspace

3. In the Showing status for apps in all organizational units section, select Gmail.

4. Open the Compliance section


5. Find the Content Compliance section and click Configure




If you already have other rules added in the Content Compliance section, click the ADD ANOTHER RULE button instead.

6. The Add settings screen will appear. Configure the settings as follows:

    a.  In the Email messages to affect section, select the Inbound and the Internal - receiving checkboxes

    b.  In the Add expressions that describe the content you want to search for in each message section, select the If ANY of the following match the message in the first drop-down menu. 


    c. Click Add

    d. In the Add Setting popup, select Advanced content match in the first drop-down.

    e. Select Full headers in the Location drop-down

    f. Select Contains text in the Match type drop-down


    e. In the Content field type x-ats-simulation.

    g. Click Save.


7. In the If the above expressions match, do the following section, scroll down to find the Bypass spam filter for this message checkbox and activate it.


8. Finally click Save.


We recommend running a testing custom phishing simulation for yourself or a small group of users. This test phishing simulation can help ensure the success of your whitelisting. Wait at least an hour before testing because the setting may take up to an hour to deploy to all users.