Barracuda is a popular email security product. To ensure CyberLearn’s simulated phishing emails reach the inbox, you should whitelist our senders and, if your policy requires it, any sending IP addresses/provider ranges in Barracuda’s Email Security solutions.
Below you’ll find step-by-step instructions for Barracuda Cloud (ESS), on-prem (ESG), and ATP.
Whitelisting IP addresses in Barracuda Email Security Service (Cloud)
If your organization uses Barracuda’s Email Security Service (cloud), follow these steps to whitelist CyberLearn:
- Log in to Barracuda Cloud Control.
- Go to Email Security > Inbound Settings > IP Address Policies.
- Enter the IP addresses that send CyberLearn emails to you in IP Blocking / Exemption. Repeat for each IP address you’ve received from us (or our email service provider/ESP).
- Set a Policy / Narrative describing what the exception covers (e.g., “CyberLearn Simulated Phishing IP Addresses”) so it’s clear why these IPs are allowed.
- Click Add/Save to add the IP address to the allow list.
- Repeat steps 3-5 for all relevant IP addresses.
Note: If you instead use domain/URL exceptions, you can complement the IP steps by allowing go.cyber-detector.com (tracking) and app-cyberlearn.com (portal).
Whitelisting IP addresses in Barracuda Email Security Gateway (on-premise)
If your company uses Barracuda Email Security Gateway (appliance/on-prem), follow these steps:
- Log in to your Barracuda Email Security Gateway.
- Go to Block/Accept > IP Filters.
- Enter the IP address or IP range that sends CyberLearn emails in Allowed IP/Range. Repeat for each IP you’ve received.
- Add a short comment/label so it’s clear what the exception covers (e.g., “CyberLearn Simulated Phishing IP Addresses”).
- Click Add/Save to add the IP address to the allow list.
- Repeat steps 3–5 for all relevant IP addresses.
Whitelisting in Barracuda Advanced Threat Protection (ATP)
If you experience delays or sandboxing of legitimate CyberLearn emails due to ATP, you can add a targeted exception:
- Log in to the Barracuda Email Security administration.
- Open the ATP / ATP Settings tab.
- Add an exception/bypass for the CyberLearn senders/IPs you have already whitelisted.
- Click Add/Save to activate the exception.
Recommendation: Keep ATP scanning enabled by default. Only create exceptions if you see false positives on CyberLearn’s standard materials. For link handling, we also recommend a URL protection bypass for go.cyber-detector.com (and, if applicable, the provider domain behind the CNAME, e.g., t.mailjet.com) so scanners don’t “consume” user clicks.
Additional tips (optional)
- Permitted/Allowed Senders: Create a policy that permits your CyberLearn sender(s) (e.g.,
noreply@cyber-detector.comand*@cyber-detector.com*.veriffy-center.com *.user-messagee.com *.access-portall.com *.delivery-statuss.com *.document-serviice.com) to your internal domains. - URL/Link Protection bypass: Add exceptions for
go.cyber-detector.com(tracking) andapp-cyberlearn.com(portal) so links aren’t rewritten/sandboxed. - FQDN over IP: Where possible, also use domain-based exceptions; provider IP ranges can change.
