
Whitelist in Google Workspace

Whitelisting Simulated Phishing in Google Workspace (Gmail)

For Secure Practice Simulation Emails

This step-by-step guide is intended for Google Workspace administrators to allow simulated phishing emails from Secure Practice by properly configuring Gmail to recognize and accept messages from specific IP addresses.

Note: You must have an admin role in the Google Workspace Admin Console to perform these actions.


Step 1: Access the Admin Console

  1. Visit https://admin.google.com

  2. Sign in using your administrator account


Step 2: Navigate to Gmail Settings

  1. In the left-hand menu, go to:
    Apps > Google Workspace > Gmail

  2. Under Gmail settings, click on Spam, Phishing and Malware



Step 3: Add IPs to the Email Allowlist

  1. Click on Email allowlist

  2. Enter the following IP addresses:

    • 35.153.237.243 (Mail Server)
    • 107.22.65.180 (Landing Page)
  3. Click Save



Step 4: Configure Inbound Gateway

This step ensures that Gmail treats the IP addresses above as internal senders, preventing SPF or DMARC validation and suppressing warnings to end-users.

  1. Scroll down to the Inbound Gateway section

  2. If not already enabled, click the Enable button

  3. In the Gateway IPs field, enter the same IP addresses listed earlier

  4. Optional:

    • Enable Automatically detect external IP

    • Do not enable “Reject all mail not from gateway IPs” unless already required—this may block all mail delivery if not properly configured

    • Enable Require TLS for connections



Step 5: Configure Message Tagging

  1. Under the Message Tagging section:

    • Check "Message is considered spam if the following header regexp matches"

    • Enter a unique, random string: fg2jl0ah45oahtTK56SGD23fhk2k

    • Check "Disable Gmail spam evaluation"

This ensures Gmail skips its spam analysis for messages from the configured IPs.



Step 6: Bypass Spam Filters for Trusted Senders

  1. Still under Gmail settings, go to the Spam section

  2. Click Configure to create a spam filter bypass rule

  3. Check: "Bypass spam filters for messages received from addresses or domains"

  4. Click Create or edit list and add the following senders:

    • slackj.com
    • ttrelli.com
    • airbnd.cc
    • attlassians.com
    • eebbey.com
    • lastpasss.net
    • my1psswords.com
    • zooms.cc
  5. For flexibility, uncheck "Authentication required" for 

  6. Save the address list and the new spam bypass policy



Step 7: Adding Message Header in Compliance

  1. Navigate to the Compliance section in the Google Workspace Admin console.

  2. Go to the Content Compliance subsection.

  3. Click Configure or Add Another, depending on whether a rule has already been added. This will open the Add Setting pop-up window.

  4. In the Content compliance field, provide a clear description for the rule, such as "CyTech Whitelisting".

  5. Under Email messages to affect, check the Inbound box.

  6. In the Expressions section, click Add to open a new pop-up window.

  7. In the first drop-down menu, select Metadata match.

  8. From the Attribute drop-down menu, choose Source IP.

  9. In the Match type drop-down menu, select Source IP is.

  10. In the value field, enter one of CyTech’s IP addresses.

    • 35.153.237.243 (Mail Server)
    • 107.22.65.180 (Landing Page)
  11. In the Headers section, check the Add custom headers option.

  12. Click Add in the Custom headers field.

  13. In the Header key field, enter: X-PHISHTEST

  14. In the Header value field, enter: CYTECH

  15. Click Save.

  16. Review all configured settings, then click Save again to apply the rule.
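
One way to spot-check delivered messages against the settings in Steps 3, 6 and 7, as an added example that is not part of the original guide or the vendor's tooling: it takes a raw message (for example from Gmail's "Show original") and reports whether the X-PHISHTEST tag and the bypass-list sender domains appear only on mail that came from the two allowlisted IPs. The Received-header layout, the function names and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Values copied from the guide (Steps 3, 6 and 7).
ALLOWED_IPS = {"35.153.237.243", "107.22.65.180"}
BYPASS_DOMAINS = {"slackj.com", "ttrelli.com", "airbnd.cc", "attlassians.com",
                  "eebbey.com", "lastpasss.net", "my1psswords.com", "zooms.cc"}
TAG_HEADER, TAG_VALUE = "X-PHISHTEST", "CYTECH"
BRACKETED_IPV4 = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def connecting_ip(msg):
    """IPv4 from the newest Received header that carries one. Assumption: the
    receiving server prepends its header, so this is the host that connected."""
    for received in msg.get_all("Received", []):
        match = BRACKETED_IPV4.search(received)
        if match:
            return match.group(1)
    return None

def classify(raw):
    """Label one delivered message by source IP, tag header and From domain."""
    msg = message_from_string(raw)
    from_allowed_ip = connecting_ip(msg) in ALLOWED_IPS
    tagged = (msg.get(TAG_HEADER) or "").strip() == TAG_VALUE
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if from_allowed_ip:
        return "simulation" if tagged else "allowed-ip-untagged"  # Step 7 rule did not fire
    if tagged or domain in BYPASS_DOMAINS:
        return "unexpected-source"  # tag or bypass domain, but not an allowlisted IP
    return "other"

# Constructed (not captured) messages; 192.0.2.10 is a documentation address.
def make_sample(ip, sender, tagged):
    lines = [f"Received: from mta.example ([{ip}]) by mx.google.com with ESMTPS",
             f"From: IT Desk <{sender}>", "Subject: constructed sample"]
    if tagged:
        lines.append(f"{TAG_HEADER}: {TAG_VALUE}")
    return "\n".join(lines) + "\n\nbody\n"

SAMPLES = {
    "sim": make_sample("35.153.237.243", "it@slackj.com", True),
    "untagged": make_sample("35.153.237.243", "it@slackj.com", False),
    "foreign_tag": make_sample("192.0.2.10", "it@corp.example", True),
    "foreign_domain": make_sample("192.0.2.10", "it@zooms.cc", False),
    "normal": make_sample("192.0.2.10", "it@corp.example", False),
}
if __name__ == "__main__":
    print({name: classify(raw) for name, raw in SAMPLES.items()})
```

A result of "allowed-ip-untagged" points at the Step 7 rule, and "unexpected-source" points at mail that matched the tag or a Step 6 domain without coming from an allowlisted IP.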

Optional: Temporary Adjustment for Quicker Testing

Google offers a feature called Enhanced Pre-Delivery Message Scanning.
While not recommended to disable permanently, you may consider turning it off briefly to speed up testing and configuration validation.



Additional Systems in Use?

If your organization uses other email or security filtering systems, please refer to the Whitelisting Phishing Overview and ensure proper bypass configurations are in place across all layers.


Reference Documentation Link: https://securepractice.co/guides/whitelisting-google

If you need further assistance, contact our support at support@cytechint.com.