Whitelisting in Mimecast

This article takes you through the steps on how to Whitelist Phriendly Phishing IP Addresses and Domains when using Mimecast. Adding our IP addresses and Domains to a global Approved Senders list ensures that our phishing simulation and training emails are sent through.

Please follow the instructions below to add global approved sender:

To successfully whitelist our phishing and training-related emails when using Mimecast, you should Create a new Permitted Sender policy to allow our phishing and training-related emails through to your users' inbox.

Important: Do not edit your default Permitted Sender policy. A new one must be created.

Permitted Senders Policy

1. Log on to your Mimecast Administration Console.
2. Click the Administration toolbar button.
3. Select the Gateway | Policies menu item.
4. Select Permitted Senders from the list of displayed policies. 
5. Select the New Policy button (please do not edit your default Permitted Sender policy; a new one must be created)  
6. Add Policy Narrative 'Phriendly Phishing Permitted Senders Policy' and select the relevant policy settings under the Options, Emails From, Emails To, and Validity sections. For more information on these settings see Mimecast's Configuring a Permitted Senders Policy article (opens in a new tab).  
7. In the Source IP Ranges field, enter our IP ranges, see Generate a whitelist test – Phriendly Phishing (opens in a new tab).
8. Save the Policy

Attachment Protection Bypass Policy

1. Log on to your Mimecast Administration Console 
2. Click the Administration toolbar button. 
3. Select the Gateway | Policies menu item. 
4. Select Attachment Protection Bypass from the list of displayed policies. 
5. Select the New Policy button. 
6. Add Policy Narrative 'Phriendly Phishing Simulation Attachment Protection Bypass Policy' and select the relevant policy settings under the Options, Emails From, Emails To, and Validity sections. For more information on these settings, see Mimecast's Configuring Attachment Protection Bypass Policies article (opens in a new tab). 
    In the Source IP Ranges field, enter our IP ranges, please see Generate a whitelist test – Phriendly Phishing (opens in a new tab).
7. Please save the policy. 

URL Protection Bypass Policy

Mimecast's URL Protection service scans and checks links in emails upon delivery. This can lead to false-positive results for your phishing security tests. Follow the steps below to create a URL Protection Bypass policy for accurate phishing simulation reports. 
 

1. Log on to your Mimecast Administration Console 
2. Click the Administration toolbar button. 
3. Select the Gateway | Policies menu item. 
4. Select URL Protection Bypass from the list of displayed policies. 
5. Select the New Policy button. 
6. Add Policy Narrative 'Phriendly Phishing Simulation URL Protection Bypass Policy' and select the relevant policy settings under the Options, Emails From, Emails To, and Validity sections. For more information on these settings, see Mimecast's Configuring Attachment Protection Bypass Policies article (opens in a new tab).
7. In the Source IP Ranges field, enter our IP ranges, see Generate a whitelist test – Phriendly Phishing (opens in a new tab).
8. Please save the policy. 

Congratulations! You have just configured whitelisting!

Note: These instructions are for third-party software so we advise contacting Mimecast for detailed instructions if you experience any issues whitelisting Phriendly Phishing in Mimecast services. Additionally, you can also get in touch with our support team at support@phriendlyphishing.com.