Skip to content
English
More support Sign in
Contact us
  • There are no suggestions because the search field is empty.

Policy Considerations for Living Security Phish in Proofpoint

If you're using Proofpoint Essential's spam filtering or Proofpoint Enterprise's allow list, follow the guide below to ensure delivery of phishing simulations to end users.

Whitelisting in Proofpoint Essentials
Whitelisting in Proofpoint Enterprise
Attachment Exceptions
Are your phishing simulations going to spam?

Whitelisting in Proofpoint Essentials

  1. Navigate to Security Settings > Email > Sender Lists.
  2. Under the Safe Sender list, enter our IP addresses found here.
  3. Click Save.

For more information, consult Proofpoint's article on Safe listing Addresses.

Whitelisting in Proofpoint Enterprise

  1. Navigate to your Proofpoint Enterprise Admin console.
  2. Click Email Protection.
  3. Under the Spam Detection drop-down, select Organizational Safe List.
  4. Click Add.
  5. In the Proofpoint - Global Safe List window, enter the following information:
    • Filter Type: From the drop-down menu, select Sender Hostname.
    • Operator: From the drop-down menu, select Equals.
    • Value: In the field, enter our IP addresses found here.
  6. Click Save Changes.

Firewall Rules

  1. From the Proofpoint admin center, navigate to Email Firewall > Rules.
  2. Click ‘Add Rule’ at the top of the Email Firewall Rules page.
  3. Click the “On” radio button under Rule Settings to enable the firewall rule.
  4. Name your rule ID (e.g., living_security_phishing).
  5. If applicable, restrict processing for selected policy routes.
  6. In the “Condition” section, except the Living Security IP addresses found here, using the “Add Condition” button, making sure to click “Save Changes” when finished.
  7. Under Dispositions, change the Delivery Method from the default selection to Deliver Now.
  8. Save your rule and allow time for this new setting to propagate before testing.

ℹ️ When adding the IP addresses, add them using the following logic:

    * Condition: Sender IP Address
    * Operator: IP In Network
    * Value: 198.37.157.99/32,149.72.161.59/32,149.72.42.201/32,149.72.154.87/32,37.1.145.36/32,37.1.145.35/32

To avoid potential issues with Proofpoint’s Targeted Attack Protection, we suggest that you add our IP addresses to Proofpoint’s URL Defense:

  1. Navigate to your Proofpoint Essentials Admin console.
  2. Click Email Protection.
  3. Under the Targeted Attack Protection drop-down, select URL Defense.
  4. Click URL Rewrite Policies.
  5. Under the Exceptions section, enter our IP addresses found here.
  6. In the same section, enter the phish landing page domains you would like to use in your simulations. To find these domains in the Phishing Tool, navigate to Phishing Simulator > Settings > Domains.
  7. Click Save Changes.

Attachment Exceptions

Proofpoint blocks certain extensions with a high malicious potential by default. If you find the need to send executable attachments in your phishing simulations, follow the steps below to ensure delivery to end users:

  1. Navigate to Security Settings > Email > Filter Policies.
  2. Click New Filter.
  3. Give the filter an appropriate name.
  4. For Type, select Inbound
  5. Click Continue.
  6. Use the following conditions for your filter:

    bypassexe.JPG

ℹ️ The above attachment is an example to allow .exe files. This will need to be changed based on the file extension you wish to allow, such as *.dll or *.vb. The previous excerpt was gathered from Proofpoint's article on Attachment Types Proofpoint Essentials Blocks By Default.

Are your phishing simulations going to spam?

Add our IP addresses to the organizational safe list:

  1. From your Proofpoint admin center, navigate to Email Protection > Spam Detection > Organizational Safe List.
  2. Add either our hostnames or IP addresses found here. In addition, please add the landing page domains you would like to use in your campaigns. To find these domains in the Phishing Tool, navigate to Phishing Simulator > Settings > Domains.

Questions? Please contact help@livingsecurity.com