To safelist (whitelist) in GSuite and to prevent warning banners from appearing on your phishing emails, please complete the instructions outlined in this article.
Safelisting in GSuite
Follow the below instructions to safelist in GSuite.
Log into admin.google.com
Go to Apps
Go to Google Workspaces (or, Advanced Settings in G Suite)
Go to Gmail
Click Spam, phishing, and malware (or, Content Compliance in G Suite)
In the Email Allowlist field, enter the Portal IP addresses (found in this article). The IPs should be separated by commas. For phishing test emails enter 184.108.40.206 (US) or 220.127.116.11 (EU).
Setting up an Inbound Gateway for Portal IPs
Next, you'll want to configure an Inbound Gateway. Click the edit icon to the right of Inbound Gateway. Add the Portal IP addresses (found in this article), for phishing test emails enter 18.104.22.168 (US) or 22.214.171.124 (EU). Checkmark "Require TLS for connections from the email gateways listed above". Checkmark "Message is considered spam if the following header regexp matches". Enter a random text of letters, such as "lakjdfioeuohiuoiejasdifyaiuqwepqiank" (should be different than that, though). Checkmark "Disable Gmail spam evaluation on mail from this gateway; only use header value". The completed Inbound Gateway rule should look similar to this:
When done configuring the Inbound Gateway, save your changes.
Approved Senders List
Next, create an approved senders list to bypass the spam filter. Click the 'CONFIGURE' button in the 'Spam' row.
Give the rule a descriptive name, then check the 'Bypass spam filters for messages received from addresses or domains within these approved senders lists.' checkbox.
You can assign an existing list of senders to the rule or create a new one. If you have to create a list, use the 'Add address list' form to add any phish domains you plan to use in phishing exercises to the list. You can reach the 'Add address list' by clicking 'create or edit list'. For each domain, uncheck the 'Authentication required' checkbox.
Once the list is saved, add it to the spam rule under the 'Bypass spam filters for messages received from addresses or domains within these approved senders lists.' section and save the rule.
Allow up to 24 hours for the propagation of these rules.
- NOTE: If you are using G Suite Legacy, safelisting capabilities may be limited and you may not be able to fully safelist Portal. G Suite Legacy is a free G Suite version that was offered by Google prior to December 2012. For more info on G Suite Legacy, please see Google's article here: https://support.google.com/a/answer/2855120?hl=en. For information on safelisting in Google Workspace, see this article: https://support.google.com/a/answer/60751.