TABLE OF CONTENTS
- Add ATTACK Simulator's IP Address to Your Google Workspace Whitelist
- Enable Whitelisting by Content Compliance
You can bypass Google Workspace's spam filters by applying a content compliance rule to our IP address. This rule will allow our simulated phishing emails to be delivered to your user's inboxes. The Content Compliance whitelisting method involves two steps in Google Workspace: adding ATTACK Simulator's IP address to the Email Whitelist, and enabling whitelisting by Content Compliance.
Content compliance is an alternative method to whitelisting by IP address in our Whitelisting by IP Address in Google Workspace article. We recommend using the content compliance method if you have an existing inbound gateway to use the content compliance rule or if you are unable to configure the inbound gateway.
This article reflects current best practices for whitelisting with your provider. Please be aware that your mail service provider may make changes to how their systems analyze our emails at any time. If you are experiencing issues whitelisting using the procedure below, contact our support team. This method of whitelisting is a two-part process. To navigate to the steps for each part of the process, click the jump links below.
Add ATTACK Simulator's IP Address to Your Google Workspace Whitelist
First, you’ll need to add ATTACK Simulator's IP address to your IP allow list for Google Workspace. Once you add ATTACK Simulator's IP address to your IP allow list, you can enable whitelisting by content compliance.
These instructions in this section were gathered from Google's Email Whitelist in Google Workspace article.
- Log in to the Google Admin's Apps section and click on Google Workspace.
- In the Google Workspace screen, click Gmail.
- Scroll down and click on Spam, Phishing and Malware.
- In the Organizational Unit section, select your main domain (don't select other sub-organizational units).
- In the Email whitelist section, enter our IP address: 168.245.96.234
Enable Whitelisting by Content Compliance
After you have added ATTACK Simulator’s IP address to your Google Workspace whitelist, you can enable whitelisting by content compliance.
The instructions provided were gathered from Google’s Set up rules for advanced email content filtering article.
- To enable whitelisting by content compliance, follow the steps below:
- Repeat the first 2 steps from the previous section
- Once on the Gmail settings page, click on the Content section
- In the Organizational Unit section, select your main domain (don't select other sub-organizational units).
- Find the Content Compliance section for your domain and click Add a rule or Add Another Rule
- Configure your content Content compliance by following the steps below:
- In the Email Messages to Affect area, select the Inbound check box.
- In the If ANY of the following match the message area, create an expression with the following settings:
- From the first drop-down menu, select Metadata match.
- From the Attribute drown-down menu, select Source IP.
- From the Match type drop-down menu, select Source IP is within the following range.
- In the Source IP is within the following range field, type 168.245.96.234
- Click Save.
- In the If ANY of the following matchthe message section, add another expression with the settings in the screenshot and list below:
- From the first drop-down menu, select Advanced content match.
- From the Location drop-down menu, select Full headers.
- From the Match type drop-down menu, select Contains text.
- In the Content field, enter "x-ats-simulation".
- Click Save.
- In the If the above expressions match, do the following area, select the check boxes in the screenshot and list below:
- Under Spam, select the Bypass spam filter for this message check box.
- Under Encryption, select the Require secure transport (TLS) check box.