The following guide will provide you with step-by-step instructions on how to allow PhishDeck’s simulated phishing emails by IP address in your Google Workspace (G Suite) account.

Why do I need to allow PhishDeck’s IP?

While PhishDeck emulates a real phishing attack, it is ensured that this is conducted with traceability and governance in mind. To such an extent, unlike real attackers using illegal botnets or other illicit methods of sending large volumes of phishing emails, all of PhishDeck’s phishing simulation emails originate from a single IP. This is done not only to be easy to allow (some mail filters only allow IP allow listing), but it’s also to ensure that it’s quick and easy to distinguish phishing simulation emails from real ones in the event of an investigation.


Naturally, IPs which only send phishing simulation emails are bound to be blocked, and to such an extent, we strongly suggest explicitly allowing PhishDeck’s IP addresses to avoid issues with your phishing simulation Campaigns – this process only needs to be set-up once.


Allowing PhishDeck’s IP in Google Workspace

Heads up – If you do have any other spam or email filtering system/s in front of Google Workspace, you should also allow PhishDeck’s IP addresses there too. For more information about how to do this, see how to allow my phishing simulation emails using a mail header.



  1. Log in to https://admin.google.com and select Apps



  2. Select G Suite



  3. Select Gmail



  1. Scroll down to select Advanced settings


  1. In the Organizations section, select your Domain, not an Organizational Unit (OU).


Note: Google Workspace only accepts allow lists by IP address for an entire domain.


Here in the Spam, phishing, and malware section, you’ll find the Email Whitelist option.

 


  1. Here you can enter PhishDeck’s IP addresses, each entry needs to be separated by commas. Find the latest list of our IP addresses in this article.

  2. Finally click Save.


The settings may take up to 1 hour to propagate to all users. Prior to starting the phishing campaign, set one up for testing to your own email address to confirm the configuration was successful.


  1. Next, you will need to add PhishDeck’s IP address as an inbound gateway to suppress Gmail warnings from showing up in your Target’s inbox when they receive the phishing simulation email from PhishDeck. 





While in the Spam, phishing, and malware section, you should see an Inbound gateway setting. Hover over and click the Edit button.


  1. Configure the Inbound gateway screen as follows.



1. For Gateway IPs enter our IP addresses. Find the latest list of our IP addresses in this article.


2. Ensure that only Require TLS for connection from the email gateways listed above is selected from the checkpoints


3. For Message Tagging enter the following.


amacrhmnuoipskzliulvwgujckvsea


4. Ensure that the Disable Gmail spam evaluation on mail from this gateway; only use header value is enabled. Finally, click Save.




Add PhishDeck’s Domains as Whitelisted Domains


This step is specifically important to target the spam banner in Gmail.


  1. In the Google Workspace (GSuite) administration portal, navigate to [Account] > [Domains] > [Whitelisted Domains]

  2. Add the following domains: