Skip to main content
All CollectionsGetting StartedStep 1: Whitelisting Right-Hand Domains & IP
Steps to Whitelist IP Address in Google Workspace/Google Apps
Steps to Whitelist IP Address in Google Workspace/Google Apps
Soumalya Mitra avatar
Written by Soumalya Mitra
Updated over a week ago

The below instructions will show you how to whitelist Right-Hand's simulated phishing emails and training notifications by Right-Hand IP addresses in your Google Workspace environment.

Note:

  1. The below settings are recommended only if you do not have a cloud-based spam filter for GSuite.

  2. If you have a cloud-based spam filter, you should whitelist Right-Hand IP addresses in the filter, and whitelist by header in Google Workspace.

This whitelisting method is a two-part process:

  1. Add Right-Hand's IP addresses to Email Whitelist

  2. Add Right-Hand's IP addresses as Inbound Gateway

Add Right-Hand's IP addresses to Email Whitelist

You can follow the below instructions to set up your IP allow list for Google Workspace/Google Apps. These instructions can be verified from Email Whitelist in Google Workspace.

  1. Log in to https://admin.google.com and navigate to Apps > Google Workspace > Gmail.

  2. Select Spam, Phishing, and Malware.

  3. In the Organizations section, highlight your Domain. Do not select an organizational unit (OU).

  4. In the Email allowlist section, type our IP addresses separated by commas. For the most up-to-date list of our IP addresses, please see this article.

  5. Click on the Save button.

    Add Right-Hand's IP addresses to Inbound Gateway

  6. In the same section, click on Inbound gateway

  7. Configure the Inbound gateway using the settings below:

    • Gateway IPs: Add Right-Hand's IP addresses. For the most up-to-date list of our IP addresses, please see this article.

    • Leave the Reject all mail, not from gateway IPs option unchecked.

    • Check Require TLS for connections from the email gateways listed above

    • Message Tagging: Enter text for the Spam Header Tag that is unlikely to be found in a PST email. This field is required.
      Example: kzndsfgklinjvsdnfioasmnfroipdsmfs

    • Select the Disable Gmail spam evaluation on mail from this gateway; only use the header value option.

  8. Click the SAVE button.

Note:

We recommend setting up a test phishing campaign for yourself or a small group after you follow the below steps to ensure your whitelisting was successful. The setting may take up to an hour to propagate to all users, so wait at least an hour before testing.


In case of a warning banner displaying within a phishing campaign, please follow the instructions mentioned in the link

Frequently asked questions

Q1. Google now allows a single security policy for the inbound Gateway. In order to get emails from Right-hand I have to disable the spam filter but I cannot do that for all incoming emails. How do I get around this problem?

  1. Navigate to GSuite Admin Console and, from the left menu navigate to Apps → Google Workspace → Gmail.

  2. Click on Compliance Tab and then click on Configure for Content compliance.

  3. A new tab will open and add the following values.

    1. Set RHS - ByPass Spam Rule as the name for the rule or name it based on your choice or convention.

    2. Select `Inbound` inside Email messages to affect.

    3. Click on Add to create a new rule, and a new window will open.

      1. Select Advanced content match.

      2. Select Full Headers inside the Location drop-down menu.

      3. Select Match type Contains text and add 168.245.54.27 inside the content field.


      4. Inside If the above expressions match, do the following section, select Bypass the spam filter for this message.

      5. The rule will be added.

      6. Make sure that rule applies to all the organization units.

    Note: Users might see a warning banner from Google if Google detects any emails as Spam. This banner cannot be hidden. However, it won’t appear every time as the Google algorithm is dynamic.


Did this answer your question?