If your business uses Google Workspace (formerly known as G Suite), you may need to allow list RiskBuddy domains and IP addresses in order to ensure your simulated phishing and security awareness training emails are delivered successfully.
In this article, you'll find:
- How to allow-list RiskBuddy IP addresses in Google Workspace
- STEP ONE: Add RiskBuddy IP addresses to the Google Workspace allow-list
- STEP TWO: Add RiskBuddy's IP addresses as Inbound Gateways
- How to allow-list RiskBuddy domains in Google Workspace
- Domain list
- Next steps
How to allow-list RiskBuddy IP addresses in Google Workspace
Allow-listing usecure IP addresses in Google Workspace has two steps:
- STEP ONE: Add RiskBuddy IP addresses to the Google Workspace allow-list
- STEP TWO: Add RiskBuddy's IP addresses as Inbound Gateways
Adding IP addresses to the allow-list will help emails get through without falling into the spam folder - whereas adding domains as Inbound Gateways will help you get rid of warning messages that could otherwise tip your users off to their simulated phishing emails.
STEP ONE: Add RiskBuddy IP addresses to the Google Workspace allow-list
- Log in to https://admin.google.com
- Navigate to Apps -> Google Workspace -> Gmail
- Scroll down to the bottom of the Gmail settings page and click Spam, Phishing and Malware
- Select Email whitelist which is the first option.
- Enter the RiskBuddy IP addresses in the Email whitelist section, separated by commas. The RiskBuddy IP addresses are:
198.21.6.191
168.245.56.242
99.80.168.14
- Click Save. It may take up to an hour for the changes to apply to all users.
STEP TWO: Add RiskBuddy's IP addresses as Inbound Gateways
Google Workspace will automatically tag some emails as suspicious if it believes there's a chance they are phishing-related, and may add banners to them to notify users of increased risk.
This could be a yellow 'Be careful' banner...
Or a red 'This message seems dangerous' banner.
To better assess your users' vulnerability to phishing, you will want to ensure that these banners do not show up during your simulated phishing campaigns. Follow the instructions below to prevent these banners from appearing for RiskBuddy simulated phishing emails in Google Workspace.
- Log in to https://admin.google.com
- Navigate to Apps -> Google Workspace -> Gmail
- Scroll down to the bottom of the Gmail settings page and click Spam, Phishing and Malware
- Scroll down to the third option down Inbound gateway
- Add the RiskBuddy IP addresses to the Gateway IPs list:
198.21.6.191
168.245.56.242
99.80.168.14
- Ensure that the Reject all mail not from gateway IPs setting is unchecked
- Check the Require TLS for connections from the email gateways listed above setting
- Under Message Tagging, ensure Message is considered spam if the following header regexp matches is checked
- In the Regexp field, enter text that is unlikely to be found in a simulated phishing email, for example: ksdhqloqwklcpsshovpsnlx
- Check the Disable Gmail spam evaluation on mail from this gateway; only use header value setting
- Click Save
This is what the window should look like:
Your simulated phishing and security awareness training emails should now all be delivered successfully to your users, without warning banners popping up. We suggest you send a test simulated phishing email to your own address first to ensure all the settings have applied correctly!
How to allow-list RiskBuddy domains in Google Workspace
Allow-listing RiskBuddy domains in Google Workspace will help ensure that your course enrolments, policy send-outs and simulated phishing emails are delivered successfully to your end users.
- Login to https://admin.google.com
- Navigate to Apps -> Google Workspace -> Gmail
- Scrolls down to the bottom of the Gmail settings page and click Spam, Phishing and Malware
- Scroll down to the Spam section
- Click Add Rule or Edit if you wish to use an existing rule
- Give the rule a name like "RiskBuddy phishing allow-list"
- Click Create or Edit list
When you get to the Manage Address list page:
- Click Add Address List
- Click Bulk-Add Addresses and paste the domains below into the text box
- Leave "require sender authentication" ticked
Back on the settings page:
- Click Use Existing List
- Select your new address list you created on the previous page
- Press save
Domain list:
riskbuddy.io,
user-training.com,
amzwon.net,
biiing.net,
companylegal.co.uk,
financialdept1.com,
financialstaff.co.uk,
firmlegal.co.uk,
gdprlaw.co.uk,
gohelpdesk.co.uk,
gooolge.org,
groupmailserver.co.uk,
grouponedeals.com,
hellpdesk.net,
hhelpdesk.co.uk,
humanres.co.uk,
innermail.co.uk,
it5upport.co.uk,
ithelpdeskweb.co.uk,
ithlpdesks.com,
itsuppports.com,
marketingcrew.co.uk,
microloft.net,
pessoleldept.com,
sup0rt.co.uk,
yahoooo.info,
1nfoclient.fr,
atencionalcleinte.com,
banque-online.com,
centre-assistance.fr,
f1nancier.com,
fiinancier.fr,
financ1er.fr,
hilfekunden.de,
iinfoclient.fr,
ithilfen.de,
itsupp0rt.de,
itsupportt.fr,
kunden-unterstuzung.de,
onlinbanking.de,
pcsupport.fr,
ressourceshumains.com,
technischeuntersttzung.de,
usbank.news,
usbank.website,
uspost.online,
uspost.store,
companypolicy.com.au,
companyemail.com.au,
singlesignon.com.au,
gohelpdesk.com.au,
gohelpdesk.co.nz,
recusos-humanos.com,
infoclientehoy.com,
centro-asistencia.com,
asistenciahoy.com,
companypolicy.ie,
gohelpdesk.ie,
hhelpdesk.ie,
humanres.ie,
itsupports.ie,
singlesignon.ie,
suport.ie,
sup0rt.ie
Next steps
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article