TABLE OF CONTENTS

• Whitelist by domain
• Whitelist by IP
• Whitelist by header

Whitelist by domain

To whitelist your phishing simulation emails in BitDefender GravityZone Email Security, follow these steps:

1. Log in to your BitDefender GravityZone Control Center.
2. Navigate to the "Policies" page.
   1. If you're using the old user interface, click on the "Policies" tab at the top of the page.
   2. If you're using the new user interface, click on the "Policies" option in the left-hand menu.
3. Choose the policy you'd like to modify, or create a new one by clicking the "Add" button.
4. In the policy configuration, navigate to the "Anti-Phishing" settings.
   1. If you're using the old user interface, click on the "Anti-Phishing" tab.
   2. If you're using the new user interface, expand the "Anti-Phishing" settings by clicking on the arrow icon next to it.
5. Scroll down to the "Whitelisted Senders" section, and click the "Add" button.
6. In the dialog box that appears, add the email addresses or domains that you want to whitelist. For example, you can add the following:
   1. An individual email address, like "example@example.com".
   2. A domain, using the "@" symbol followed by the domain name, like "@example.com". This will whitelist all email addresses from that domain. 
   3. You can find here the list of our updated domains https://app.attacksimulator.com/whitelist/test.
7. Click "Save" to add the email addresses or domains to the whitelist.
8. Finally, click "Save" again at the bottom of the policy configuration page to save your changes.

Now, the phishing simulation emails sent from the whitelisted addresses or domains will not be blocked by BitDefender GravityZone Email Security.

Whitelist by IP

To whitelist by IP address:

1. In the policy configuration, navigate to the "Anti-Spam" settings.

   a. If you're using the old user interface, click on the "Anti-Spam" tab.

   b. If you're using the new user interface, expand the "Anti-Spam" settings by clicking on the arrow icon next to it.

2. Scroll down to the "Whitelisted IP Addresses" section, and click the "Add" button.

3. In the dialog box that appears, add the IP address "168.245.96.234".

4. Click "Save" to add the IP address to the whitelist.

Whitelist by header

To whitelist by the custom header:

Whitelisting by custom headers isn't a built-in feature in BitDefender GravityZone Email Security. However, you can create a custom filtering rule to achieve this.

1. In the policy configuration, navigate to the "Content Control" settings.

   a. If you're using the old user interface, click on the "Content Control" tab.

   b. If you're using the new user interface, expand the "Content Control" settings by clicking on the arrow icon next to it.

2. Scroll down to the "Custom Rules" section, and click the "Add" button.

3. In the "New Rule" dialog box, configure the rule as follows:

   a. Name: Enter a descriptive name for the rule, such as "Whitelist X-ATS-Simulation Header".

   b. Condition: Choose "Email header" from the drop-down list.

   c. Operator: Choose "Contains" from the drop-down list.

   d. Value: Enter "x-ats-simulation: true" (without the quotes).

   e. Action: Choose "Allow" from the drop-down list.

4. Click "Save" to add the custom rule.

5. Finally, click "Save" again at the bottom of the policy configuration page to save your changes.

Now, the phishing simulation emails sent from the specified IP address and containing the custom header "x-ats-simulation: true" will not be blocked by BitDefender GravityZone Email Security.