Whitelisting IPs and Anti-Spam Filtering

Whitelisting Symbol Security IPs

Print Created by: Symbol Support

Before setting up your first phishing campaign on Symbol Security, the first step you need to do in order to guarantee that phishing simulation emails are correctly delivered to your users is whitelisting our Symbol IPs and/or domains. If you forgot to do this, it may cause our emails to be sent to the Spam folder or Quarantine in the case you're using M365, so ensure you add our IPs property.

If you're using Microsoft M365, we strongly recommend to configure Microsoft's Advanced Delivered Policies. It allows you to create a secure connection for phishing simulations by adding different rules and policies. If you want to learn how to configure it check this article: Configuring Advanced Delivery Policies in M365

This is the list of IPs used to deliver phishing emails on Symbol Security, ensure you add each of them on your tenant to bypass Symbol phishing emails and avoid having them on the spam folder:

• IP Address: 34.192.222.199 (Simulations)
• IP Address: 34.225.176.215 (Simulations)
• IP Address: 44.193.157.247 (Simulations)
• IP Address: 3.223.89.129 (Simulations)
• IP Address: 34.206.100.104 (Simulations)
• IP Address: 44.195.161.218 (Simulations)
• IP Address: 44.218.194.209 (Simulations)
• IP Address: 54.225.104.212 (Simulations)
  
• IP Address: 149.72.173.189 (Assignments and Notifications)
  
  

Note: as a best practice you should only need to whitelist the IP addresses, but some tools like Microsoft 365 and Advanced Delivery Policies will require you to whitelist IP’s and domain. To do this, you would add the following sending domains:

Domain names: 

• customerrequestdepartment.com 
• benefitsenrollmentcenter.com 
• invoicefulfillment.com 
• yoursupportrequest.com 
• recordsconfirmation.com
• passwordconfirmation.com
• responseconfirmation.com
• user-signin.com
• againstphishing.com
• customerassistance.co
• customerassistance.email
• phishfit.com

Important Note: The above represent domains that Symbol may send phish simulations from, and as such would include a 'mail.domainname.com' presentation.  For tools that require specific subdomain notation, you may be required to include the mail. subdomain in your whitelitelisting.  Alternatively, some tools like Mimecast allow either subdomain whitelisting, or wildcard whitelisting.  This means you may either need to whitelist:

• mail.passwordconfirmation.com, or

• *passwordconfirmation.com; depending on your security tool's requirements.

  For transactional reminder emails, Symbol sends from the below domains and does not use any subdomain when sending.

• getcybertraining.com
• symbolsecurity.com 

If you don't know how to whitelist these above IPs or domains, here there are some instructions about how to do it based on your vendor:

• Whitelisting IPs in Microsoft 365
• Whitelisting IPs on Google Apps for Work
  
  

If you already added these IPs and domains in your tenant and emails are still not being sent or are being sent to the spam folder or quarantine, please contact us at support@symbolsecurity.com so we can assist.