Whitelisting Dcoya Platform on Google Workspace

Yariv Hazony
Last Updated: 3 months ago


This guide will help system administrators exclude Dcoya's communications, including Phish SIM emails, training emails, reminders, and notifications from being classified as spam or triggering notifications for potential phishing emails in Google Workspace. Follow these simple steps to ensure smooth delivery of these emails to your users' inboxes.

Why Whitelist IP Addresses and Email Headers?

Whitelisting plays a vital role in ensuring that the phishing simulation communications provided by Dcoya’s operate smoothly as intended. This process prevents these emails from being incorrectly marked as spam or causing unnecessary alerts. Both IP addresses and email headers must be whitelisted for effective protection.

Whitelist IP Addresses

  1. Log in to your Google Workspace admin console at [https://admin.google.com](https://admin.google.com).

  2. In the left-side panel, navigate to "Apps" → "Google Workspace" → "Gmail."


  3. Select "Spam, Phishing, and Malware."

  4. In the "Email Whirlist" section, enter the IP addresses provided by Dcoya Managed Services, separated by commas.

  5. Navigate to the "Inbound Gateway" settings and enable the "Enable" option.

  6. Leave the following options unchecked:

    • Automatically detect external IP (recommended)

    • Reject all mail not from gateway Ips

  7. Check the box that says "Require TLS for connections from the email gateways listed above."


  8. In the "Message Tagging" field, input a Spam Header Tag that is highly unlikely to be present in any Dcoya email communications. For instance, you may choose to enter a sequence of random letters, such as`jhdfhslkdjf847847htjerhtke`.

  9. Select the option "Disable Gmail spam evaluation on mail from this gateway; only use the header value."


How to Whitelist Email Headers for Dcoya Platform Communications

To ensure that Dcoya's platform communications, including Phishing Simulation (Phish SIM), training emails, reminders, and notifications, are delivered to your users' inboxes without any issues, you need to whitelist our email headers in Gmail. Follow these simple steps to configure Gmail to recognize and allow Dcoya email headers.

Why Whitelist Email Headers?

Dcoya's Phish SIM and training emails contain special headers. Whitelisting these headers in Gmail ensures that these emails are not mistakenly treated as spam, allowing your users to receive them in their inbox.

Follow these steps:

  1. Go to "General Settings for Gmail."

  2. Navigate to the "Compliance" section.

  3. Under the "Content Compliance" section, click "CONFIGURE."

  4. Create a suitable name for this content compliance (e.g., "Dcoya phishing content compliance").

  5. Under "Email messages to affect," check both "Inbound" and "Internal - receiving."

  6. Click "ADD" to add expressions that describe the content to search for in each message.

  7. In the dropdown menu, select "Advanced content match."

  8. In the "Location" dropdown, select "Full headers."

  9. Leave "Contains text" as the match type.

  10. In the "Content" field, enter the text "Dcoya PHISH Test."

  1. Click "SAVE."

  2. In the "If the above expressions match, do the following" field, select "Bypass spam filter for this Message under Spam."

Was this article helpful?