Whitelisting for receiving e-mail messages

Edited

The whitelisting activity is essential to ensure that email messages sent from the CG Platform reach users' inboxes correctly, avoiding being mistakenly classified as spam or junk mail. This configuration ensures that users receive the following types of messages:

  • Simulated phishing attacks from Cyber Guru Phishing;

  • Functional emails generated by the platform, such as password recovery emails for accessing the platform;

  • Student Caring emails: These are periodic communications sent by the platform to encourage user participation in the Awareness and Channel programs.

Receiving Simulated Phishing Messages

Cyber Guru has several static elements that can be used by email security systems (Antispam and Antivirus) for easy identification of emails sent from the CG Platform:

  • Static IP address: Unless otherwise agreed, the static IP addresses from which simulated phishing emails are sent are:

    • 85.235.135.191

    • 95.110.231.245

In addition to the previously mentioned static parameters, Cyber Guru Phishing uses a defined set of dynamic senders (which may vary with each campaign/send), generated from predefined domains.

If the client's mail server also requires the inclusion of domains for whitelisting, please refer to the following table containing the domains used by Cyber Guru (Sender Domains).

The CG Platform, based on the listed domains, generates senders using various accounts and third-level domains (e.g., starting from the domain “urgente.eu,” senders like “mario@urgente.eu,” “mario.rossi@comunicazione.urgente.eu,” and “luca@amazon.urgente.eu” can be generated). Therefore, if you wish to explicitly specify the allowed domains, you must take into account this level of flexibility of the platform (e.g., by setting “*.urgente.eu” and “urgente.eu” as accepted domains).

⚠️ ATTENTION: For configuring the inbound mail filter, we recommend using only the IP address for whitelisting. This is the best and most widely supported solution by major mail servers and filters.

The domains used by Cyber Guru Phishing are as follows (all related DNS have the SPF parameter configured):

Sender Domains

⚠️ ATTENTION: Our goal is as follows: to verify if, by sending an attack with an unwhitelisted sender (“itmail.com”), the attack still bypasses the Organization’s defenses and ends up in spam or even in the inbox. It is also normal and expected that emails using this domain (itmail.com) may end up in spam. itmail.com is just an example; the system could send other emails using other domains not included in the whitelist.

Receiving Functional and Student Caring Communications

The CG Platform sends transactional emails (e.g., for "password recovery") or Student Caring emails, which are intended to guide the user through their study path (e.g., “Issuance of a new training module”).

To ensure the receipt of these emails, it is necessary to enable the following as "trusted senders":