How to Whitelist by IP Address in Google Workspace

This article will help you to set up whitelisting in your company with Google Workspace Admin.

Why Whitelist IP Addresses and Email Headers?

Whitelisting ensure the Wizer phishing simulation (PS) functions without issue and prevents PS emails from being automatically moved to the spam folder or notifying users about potential phishing emails. IP addresses and email headers are both required to be whitelisted.

Whitelist IP Addresses
The Wizer mail server IP addresses provided in this list are required to be whitelisted to prevent Gmail from classifying the PS emails as spam/phishing.  This needs to be done because Wizer PS emails are "phishing" by definition.

Steps to Whitelist IP Addresses
1. Log in to https://admin.google.com
2. On the left side panel go to the Apps → Google Workspace → Gmail


3. Select "Spam, Phishing, and Malware"


4. In the Email whitelist section, enter the IP addresses from this list, separated by commas:

5. Scroll down to the Inbound Gateway. Turn on the "Enable" checkmark

  • Add the IP Addresses one by one from this list.
  • Leave the Automatically detect external IP (recommended) and Reject all
    mail, not from gateway IPs option unchecked
  • Check Require TLS for connections from the email gateways listed above
  • Check Message is considered spam if the following header regexp matches
  • Enter the following text for the Regexp:dfgkhbjshfvolib3289yhb
  • Select the Disable Gmail spam evaluation on mail from this gateway; only
    use header value option

Whitelist Email Headers

Wizer PS emails contain a special header. Gmail must be configured to search for Wizer PS
headers and to ignore if found, allowing the user to receive the PS email to their inbox.

Steps to Whitelist Email Headers

1. Go to General "Settings for Gmail"
2. Navigate to the "Compliance" section
3. Navigate to the "Content Compliance" section and click "CONFIGURE"


4. Create any suitable name for this content compliance (For example,* Wizer phishing content compliance)
5. Under the Email messages to affect field check "Inbound" and "Internal - receiving"
6. Click "ADD" under the Add expressions that describe the content you want to
search for in each message

  • In the drop-down menu, select "Advanced content match"
  • In the Location dropdown, select "Full headers"
  • Leave "Contains text" in the Match type dropdown
  • In the Content field, enter the text "X-TestPhish"
  • Click SAVE

    7. In the If the above expressions match, do the following field, select Bypass spam
    filter for this Message under Spam
    8. Your final Content Compliance Setting screen should look like this:

* Please do not forget that applying changes can take some time. According to Google, it
takes up to 24 hours, but typically, it should not take more than 1 hour.

Congratulations! You have just configured whitelisting!