Cyber Guru 2.0 Help Center
Contact us
Home
Configuration and Company Management
Company Admin Manual
Whitelisting & Report

Whitelisting Proofpoint Tap

Edited

This article describes the steps to configure a policy in Proofpoint that allows excluding simulation emails from normal filtering and detection processes. By following these instructions, you can ensure that tests are managed securely and effectively while protecting the integrity of the threat detection system.

1. Create a Policy Route for Phishing/Spam Tests

  • Navigate to the tab "System > System > Policy Routes".

  • Add a new policy route with the "Route ID:Phishing_Spam_CG".

  • Add Condition: specify the "Sender IP Address" to be authorized for the simulation.

2. Configure Custom Rules for Spam Detection

  • Go to the tab "Email Protection > Spam Detection > Custom Rules".

  • "Add RuleSpam_CG_Safelist":

    • "Add Condition: Policy Route equals Phishing_Spam_CG".

    • Action: Classify as "Not Spam.

  • Add the rule "Phish_CG_Safelist":

    • Add Condition: Policy Route equals "Phishing_Spam_CG".

    • Action: Set the classifier score for Phish to 0.

3. Disable Detection for Phishing/Spam Test in Reputation Service

  • Navigate to Email Protection > Spam Detection > Reputation Service > Settings.

  • Add "Phishing_Spam_CG" to the "Disable For Any Of" list.

  • Alternative: if a pdrsafe route has been created, add the provider's IPs to pdrsafe as Sender IP. This policy should already be applied to the "Disable For Any Of" list under "Reputation Service > Settings".

4. Exclude the Vendor for TAP URL Defense

  • If using TAP URL Defense, go to the tab "Email Protection > Targeted Attack Protection > URL Defense > URL Rewrite".

  • Under "Exceptions", add the domain, hostname, or IP address of the third-party provider to exclude them from URL rewriting.

5. Exclude the Vendor for TAP Attachment Defense

  • If using TAP Attachment Defense, go to the tab "Email Protection > Targeted Attack Protection > Attachment Defense".

  • Check the option "Disable processing for selected policy routes" and select the policy route "Phishing_Spam_CG" configured earlier. This change will exclude attachments containing phishing test URLs from TAP Attachment Defense.

6. Disable Traffic Statistics for the Policy Route

  • Navigate to "System > Settings > System".

  • Disable traffic statistics for the policy route.

  • Add your policy route to the "Disable processing for selected policy routes" list to prevent URLs from being pre-scanned.

7. Create a Policy Route to Bypass Traffic Statistics (Optional)

  • Go to "System > System > Settings > System".

  • Find the section "Send Feedback from Agent Directly".

  • Create a policy route with the domain or sender address for which you want to bypass traffic statistics.

  • Add this policy route to the "Disable processing for selected policy routes" list in this section to exclude traffic related to that route from the statistics.

Disclaimer