How to Whitelist in Proofpoint

To ensure smooth delivery of Keepnet’s simulated phishing campaigns and awareness training notifications, you may need to whitelist Keepnet in your Proofpoint environment. This guide covers configuration steps for both Proofpoint Essentials and Proofpoint Enterprise.

These are third-party configurations. If you encounter any difficulties during the process, we recommend contacting Proofpoint support directly. For any questions specific to Keepnet, feel free to reach out to our support team.

Whitelisting in Proofpoint Essentials

Follow the steps below to allow Keepnet’s IP addresses through Proofpoint Essentials:

Go to Security Settings > Email > Sender Lists.
In the Safe Senders section, add Keepnet’s IP addresses.
Click Save to apply the changes.

For information about Proofpoint’s handling of email attachments, consult their documentation titled "Blocks by Default."

Whitelisting in Proofpoint Enterprise

To safelist Keepnet in your Proofpoint Enterprise environment:

Sign in to your Proofpoint Enterprise Admin Console.
Navigate to Email Protection.
Under the Spam Detection menu, select Organizational Safe List.
Click Add to begin a new rule.
In the Global Safe List configuration:
- Filter Type: Select Sender Hostname.
- Operator: Choose Equals.
- Value: Enter Keepnet’s IP addresses.
Click Save Changes.

URL Defense (TAP) Exemptions

To avoid disruptions by Proofpoint Targeted Attack Protection (TAP), you can exclude Keepnet’s emails from URL rewriting policies:

Navigate to Email Protection > Targeted Attack Protection > URL Defense.
Select URL Rewrite Policies.
Under Exceptions, do the following:
- Add Keepnet’s IP addresses.
- Add your phishing link domains.
  - To get a downloadable CSV of your phishing simulation domains, go to your Keepnet dashboard and then go to Phishing Simulator > Settings > Domains page.
Click Save Changes.

Whitelisting by Simulation Domain

To whitelist Keepnet by simulation domains in Proofpoint:

Go to Email Firewall > Rules in your Proofpoint Admin Center.
Enable the rule by switching Enable to On.
Set a descriptive name such as 'Keepnet Whitelisting Simulation Domains'
Under Conditions, click Add Condition and select Sender Domain.
Add the domains listed in the Keepnet platform by logging in and then going to Phishing Simulator > Settings > Domains page.
Under Dispositions, change Delivery Method to Deliver Now.
Click Save to apply changes.

Allow time for the rule to propagate before testing your next campaign.

If Simulation Emails Are Going to Spam

If your simulated phishing emails land in users’ spam folders or are being quarantined, ensure Keepnet is on the Organizational Safe List:

In the Proofpoint Admin Center, go to Email Protection > Spam Detection > Organizational Safe List.
Add Keepnet’s IPs.

Verifying Your Configuration

To confirm successful whitelisting, please follow the steps below.

First, launch a phishing campaign to your pilot groups and confirm if the simulation emails are delivered to the inbox.
Second, please check the campaign report on the Keepnet platform to confirm if there are any false positives.

Even after whitelisting is completed, but still the emails go to spam or quarantine, please make sure you have whitelisted Keepnet on your email server too. Please check this document for more information.

If you need further help, submit a support request — our team is here to assist.

PreviousHow to Whitelist in Mimecast NextWhitelisting in Other Security Solutions

Last updated 17 hours ago

Was this helpful?