Why whitelisting is important
Whitelisting ensures your phishing simulation emails are delivered to users’ inboxes and are not blocked or sent to spam by email security systems.
Both sender IP addresses and domains must be whitelisted, as most security solutions check both.
Some phishing simulation emails may use “lookalike” domains to mimic real threats; these sending domains must also be whitelisted.
Where and how to whitelist
Microsoft 365 (Office 365): Use the Advanced Delivery policy in Microsoft Defender to whitelist external phishing simulations. See our detailed guide: Whitelisting for third-party phishing simulations (Microsoft 365).
Google Workspace: Set up inbound gateway rules and add IP addresses to your trusted senders list. See Whitelisting in Google Workspace.
Other providers: Consult your mail/security provider documentation on how to whitelist both sending IPs and domains.
Additional whitelisting tips
You only need to whitelist the sender's domain (the part after the @ in the sender's email) and the above IP addresses, not the domains/URLs inside the phishing emails.
If your spam filter or defender is "clicking" on links automatically (e.g., Safe Links/ATP in Microsoft Defender), you may want to adjust this setting so you get accurate test results. Learn more about safe links.
If you use custom domains for your own phishing simulations, make sure those are also whitelisted in addition to the standard Guardey-supplied domains.
Test whitelisting by sending to a small group first. Phishing emails should arrive in the primary inbox and not the spam, junk, or quarantine folders.
If you use external IT partners for email management, share this article and the whitelist information with them.
Special notes
Do not whitelist public mailbox domains (like @hotmail.com, @gmail.com, @outlook.com): Phishing simulations should only be sent to your organization’s users.
If you still cannot receive the emails after whitelisting, check if your mail server has any additional filtering (e.g., DKIM/SPF policies, other anti-spoofing rules) that could block simulation emails.
For all technical requirements per client/organization type, see our tailored instructions for organizations < 500 users, Google Workspace, and Microsoft 365.
IP addresses to whitelist
Please whitelist all the IPs listed below in your email provider:
- 194.5.85.8
- 194.5.85.10
- 194.5.85.11
- 194.5.85.12
- 194.5.85.13
- 194.5.85.14
- 194.5.85.15
- 194.5.85.16
- 194.5.85.17
- 194.5.85.18
- 194.5.85.19
Phishing (sending) domains to whitelist
Whitelist the following domains in your email provider's settings:
- 0ffice.online
- datumprlkker.nl
- nnbrs.nl
- starkado.nl
- aliianz.nl
- pro-hrmanagement.com
- vizma.nl
- timechinp.nl
- slmplicate.nl
- dedaree.nl
- exacl.nl
- my-chatgpt.net
- online-emea-adp.com
- my-saleforce.com
- my-payment-service.com
- noreplybox.com
- thesupport-center.com
- myaccounts-google.com
- globelinkhub.com
- infosecura.net
- datadashsystems.com
- proximacorp.net
- mailaccessportal.com
- unitechbase.nl
- nexodoc.nl
Testing the whitelisting
After whitelisting the IP addresses and domains:
Step 1: Set up a test phishing campaign to yourself.
Step 2: Monitor the campaign to ensure that the emails are delivered successfully and are not flagged as spam or blocked by your system.
If the test campaign is successful, proceed to launch your phishing campaign for the rest of your users. If you encounter any issues, please revisit the whitelisting settings or contact our support for further assistance.
For more information on setting up a phishing campaign check out our helpcenter article: setting up a phishing campaign.
Troubleshooting
If emails appear in quarantine or are not delivered, double-check all IPs and domains are correctly whitelisted.
Review the email security logs or quarantine center for possible blocked messages.
If you see red security warnings when clicking links in simulation emails (e.g., from Microsoft Defender), this is normal internal browser protection (see explanation here). The delivery itself depends on whitelisting IPs and sender domains.
Related resources
Whitelisting IP Addresses and Domains for Phishing Simulations
Setting up a phishing campaign
Phishing campaign requirements by organization size
Contact support if technical issues persist after following these steps.
Comments
0 comments
Article is closed for comments.