Google Workspace - SAT Safelisting
Below is a guide on how to allow Security Awareness Training (SAT) phishing simulations and courses through Google Workspace so that users receive this content as intended in their inboxes.
Allowing SAT IP through Google Workspace
Adding IP addresses to the allow-list will help emails get through without falling into the spam folder - whereas adding domains as Inbound Gateways will help you get rid of warning messages that could otherwise tip your users off to their simulated phishing emails.
- Log in to https://admin.google.com with an admin account.
- Navigate to Apps > Google Workspace > Gmail.
- Scroll to the bottom and select 'Spam, Phishing and Malware.
- click 'Email Whitelist'.
- In the 'Email Whitelist' section, enter our Censornet SAT IP: 23.249.219.118
- Click 'Save'.
Please note: these changes can take time to apply. Please allow at least an hour for this to fully take effect.
Add SAT IP addresses as Inbound Gateways
Google Workspace will automatically tag some emails as suspicious if it believes there's a chance they are phishing-related and may add banners to them to notify users of increased risk.
This could be a yellow 'Be careful' banner:
Or a red 'This message seems dangerous' banner:
To better assess your users' vulnerability to phishing, you will want to ensure that these banners do not show up during your simulated phishing campaigns. Follow the instructions below to prevent these banners from appearing for SAT-simulated phishing emails in Google Workspace.
- Log in to https://admin.google.com
- Navigate to Apps > Google Workspace > Gmail.
- Scroll down to the bottom of the Gmail settings page and click 'Spam, Phishing and Malware'.
- Scroll down to the third option which should be 'Inbound Gateway'.
- Add our SAT IP address to the Gateway IP list: 23.249.219.118
- Make sure that the 'Reject all mail, not from gateway IPs' setting is unchecked.
- Under 'Message Tagging', ensure 'Message is considered spam if the following header regexp matched' is checked.
- In the 'Regexp' field, enter text that is unlikely to be found in a simulated phishing email, for example: ksdhqloqwklcpsshovpsnlx.
- Check the 'Disable Gmail spam evaluation on mail from this gateway; only use header value' setting.
- Click 'save'.
This is what this window should look like after these steps:
Your simulated phishing and security awareness training emails should now all be delivered successfully to your users, without warning banners popping up. We suggest you send a test simulated phishing email to your own address first to ensure all the settings have been applied correctly.
Allow SAT domains in Google Workspace
Allow-listing SAT domains in Google Workspace will help ensure that your course enrolments, policy send-outs, and simulated phishing emails are delivered successfully to your end users.
- Log in to https://admin.google.com with an admin account.
- Navigate to Apps > Google Workspace > Gmail.
- Scroll to the bottom and select 'Spam, Phishing and Malware'.
- Scroll down to the 'Spam' section.
- Click 'Add rule' or 'Edit' if you wish to use an existing rule.
- Give the rule a name like "SAT Allow-list".
- Click 'Create' or if it is an existing rule, click 'edit'.
When you get to the Manage Address list page:
- Click 'Add Address list'.
- Click 'Bulk-Add Addresses' and paste domains as shown below into the text box:,
nhs-antibodytest.co.uk,
just-eat-voucher.co.uk,
noreply-linkedinverify.co.uk,
noreply-amazon.co.uk,
dpdupdates.co.uk,
dropbox-notifications.co.uk,
microsoft-notifications.co.uk,
netflix-password.co.uk,
netflixnotifications.co.uk,
noreply-deliveroocredit.co.uk,
noreply-hmrcupdate.co.uk,
noreply-microsoftpasswordreset.co.uk,
noreply-ubercredit.co.uk,
gmaillogin.co.uk,
google-notifications.co.uk,
dhlshipping.co.uk,
noreply-amazon.co.uk,
who-travel-updates.com,
royaal-maill.com,
netflix-update-details.com,
fed-ex-parcels.com,
microsoft-security-alerts.com,
coffee-vouchers.com,
hr-staff-updates.com,
staff-payroll-updates.com
- Click 'Use Existing List'
- Select the new address list you created on the previous page
- Press 'Save'.
This should now allow all SAT phishing simulations and training material through to users inbox as normal.