Whitelisting in Proofpoint

If you're using Proofpoint's spam filtering software, you can whitelist (safelist) our Platform to allow your users to receive our simulated phishing emails and system emails.

When you're ready to safelist in Proofpoint, follow the instructions below.

• Whitelisting in ProofPoint Essentials
• Whitelisting in ProofPoint Enterprise
• Whitelisting By Domain
• Whitelist by Email Address
• Whitelist By Sender List 
• Prevent Emails from Going to Spam

Whitelisting in ProofPoint Essentials

The below instructions apply to whitelisting in ProofPoint Essentials.

1. Go to Security Settings > Email > Sender Lists.
2. Inside the Safe Sender list, enter our Platform domains, see article: Whitelisting Technical Information.
3. Click the Save button.

Note: if you are using attachments in your simulated phishing emails, you will want to follow the instructions in this ProofPoint article on how to bypass the attachments being blocked. 

Whitelisting in ProofPoint Enterprise

1. From your ProofPoint Enterprise Admin console, click on Email Protection.
2. Select the Organizational Safe List option, located under Spam Protection.
3. Click the Add button.
4. A popup will appear, labeled Proofpoint - Global Safe. Use the following information in this popup:
   • Filter Type: select Sender Hostname.
   • Operator: select Equals.
   • Value: enter our Platform domains, see article: Whitelisting Technical Information.
   • Click Save Changes.

We recommend that you add the Platform's domains to Proofpoint’s URL Defense (this will help prevent any issues with ProofPoint's Targeted Attack Protection). Here are instructions on adding our domains to ProofPoint's Targeted Attack Protection:

1. From your Proofpoint Essentials Admin console, click Email Protection.
2. Select URL Defense from under the Targeted Attack Protection drop-down.
3. Click URL Rewrite Policies.
4. Under the Exceptions section, enter our platform Domains. For a list of our domains, see article: Whitelisting Technical Information.
5. Click Save Changes.

Whitelisting By Domain

1. From your Proofpoint admin center, navigate to Email Firewall, then Rules.
2. Be sure to select the On radio button for Enable, under Rule Settings.
3. Name your rule ID something descriptive, such as "Security Awareness Whitelisting by Domain," and provide a summary of the rule such as "Security Awareness Phishing Simulation" 
4. In the "Conditions" section you will whitelist our Platform by domain using the "Add Condition" button. For a list of our domains, see article: Whitelisting Technical Information.
5. Under "Dispositions", change the Delivery Method from the default selection to Deliver Now.
6. Be sure to save your rule and allow time for this new setting to propagate before testing.

Whitelisting by Email Address

You can safelist an email address in Proofpoint by following the instructions in this article: https://help.proofpoint.com/Proofpoint_Essentials/Email_Security/Administrator_Topics/090_filtersandsenderlists/Whitelisting_Addresses

Whitelisting By Sender List 

If the above whitelisting method does not work then you can also allow or block emails from specific email addresses, domains, or IPs. You can configure your safe sender list by following the instructions in this article: https://help.proofpoint.com/Proofpoint_Essentials/Email_Security/Administrator_Topics/090_filtersandsenderlists/Setting_up_sender_lists 

Prevent Emails from Going to Spam

Proofpoint may send emails to spam or quarantine. If so, you will need to add our Platform to the Organisation Safe List in Proofpoint.

1. From the Proofpoint admin center, navigate to Email Protection > Spam Detection > Organization Safe List.
2. Add our Platform domain names. For a list of our domains, see article: Whitelisting Technical Information.