Whitelist in Proofpoint (for CyberLearn)

If you’re using Proofpoint Essentials spam filtering or Proofpoint Enterprise’s allow lists, you can whitelist CyberLearn to allow our simulated phishing test emails and training notifications to reach your end users.

The instructions below reference Proofpoint’s standard UI. If you run into issues whitelisting CyberLearn, we recommend reaching out to Proofpoint support for product-specific assistance. You can also contact support whenever you need help.

Note: If your phishing security test (PST) emails are bouncing with an error similar to “Sender address rejected: Domain not found (in reply to RCPT TO command)”, see How to Prevent Proofpoint from Bouncing Emails further below.

Whitelisting in Proofpoint Essentials

When you’re ready to whitelist in Proofpoint Essentials, follow the steps below. (These mirror Proofpoint’s Safelisting Addresses flow.)

  1. Navigate to Security Settings → Email → Sender Lists.
  2. Under the Safe Sender list, enter our IP addresses or hostnames. Use the current list from CyberLearn (see our Whitelisting Data and Anti-Spam Filtering information).
  3. Click Save.

If you have issues with attachment-related emails, see Proofpoint’s article on Blocks by Default.

Whitelisting in Proofpoint Enterprise

To whitelist in Proofpoint Enterprise, follow the steps below. If you experience any issues with these steps, please contact your Proofpoint team for assistance.

  1. Navigate to your Proofpoint Enterprise Admin console.
  2. Click Email Protection.
  3. Under the Spam Detection drop-down, select Organizational Safe List.
  4. Click Add.
  5. In the Proofpoint: Global Safe List window, enter the following:
    • Filter Type: from the drop-down, select Sender Hostname.
    • Operator: from the drop-down, select Equals.
    • Value: enter the hostname(s) or the IP addresses listed in CyberLearn’s current allow-list data (see Whitelisting Data and Anti-Spam Filtering information).
  6. Click Save Changes.

Avoiding URL rewrites (Targeted Attack Protection)

To avoid potential issues with Proofpoint’s Targeted Attack Protection (TAP) URL Defense, we suggest that you add CyberLearn’s landing/portal domains to Proofpoint’s URL Defense bypass. To add our domains to URL Defense, follow these steps:

  1. Navigate to your Proofpoint Essentials Admin console.
  2. Click Email Protection.
  3. Under the Targeted Attack Protection drop-down, select URL Defense.
  4. Click URL Rewrite Policies.
  5. Under the Exceptions section, add the hostnames used by CyberLearn:
    • go.cyber-detector.com (click/open tracking for simulations)
    • app-cyberlearn.com (training portal)
    • api.app-cyberlearn.com
    • *.cyber-detector.com
    • *.veriffy-center.com
    • *.user-messagee.com
    • *.access-portall.com
    • *.delivery-statuss.com
    • *.document-serviice.com
    • If your gateway resolves the CNAME behind tracking, also include the provider domain (e.g., t.mailjet.com).
  6. In the same area, enter your CyberLearn phishing link domains, if applicable to your tenant.
  7. Click Save Changes.

How to Prevent Proofpoint from Bouncing Emails

If some of your phishing security test (PST) emails are bouncing with an error like “Sender address rejected: Domain not found (in reply to RCPT TO command)”, follow the steps below to resolve this issue.

  1. In your CyberLearn console, click your email address in the top right corner and select Account Settings.
  2. Navigate to the Phishing Settings section.
  3. Ensure the option Overwrite Fixed Return-path Address with Sender Address is enabled.
  4. Click Save Changes at the bottom.
  5. To confirm this change will prevent Proofpoint from causing your PST emails to bounce, we recommend you test by sending a short campaign to yourself or a limited set of users before sending to a larger group.

What to Do If Your Emails Are Going to Spam

If your emails are being sent to spam or are being quarantined, you’ll need to add CyberLearn to the Organizational Safe List in Proofpoint.

Follow the instructions below to add CyberLearn’s hostnames or IP addresses to the Organizational Safe List:

  1. From your Proofpoint admin center, navigate to Email Protection → Spam Detection → Organizational Safe List.
  2. Add the hostnames or IP addresses for CyberLearn (see the most up-to-date list in our Whitelisting Data and Anti-Spam Filtering information).
  3. Click Save Changes.

Need assistance? Submit a support request to your Proofpoint team, or email support and we’ll help.

Tip: To ensure that you have whitelisted correctly, open a CyberLearn simulation link from a client behind Proofpoint and verify that (a) the landing page loads immediately without URL rewriting banners and (b) the click shows up in CyberLearn analytics.

Cyber Detector logo

Protect your buisness against cyberattacks and focus on what’s important to you. 

Facebook-f Linkedin-in

Contact Info

  •  Fløjtevej, 4700 Næstved
  • +45 22 97 82 98
  • contact@cyber-detector.com

VAT: 45080234

Menu

Open Hours

Monday – Friday:                                      08:30 – 17:00

Weekends:                                                 Closed

 

SOC Support

Monday – Sunday:                                     00:00 – 23:59

Cyber Detector logo

Protect your buisness against cyberattacks and focus on what’s important to you. 

Facebook-f Linkedin-in
Product
Solutions
FAQ & Support
Security, Trust & Privacy
Demo
Company
Resources
Open Hours

Monday – Friday:                              08:30 – 17:00

Weekends:                                                 Closed

SOC Support

Monday – Sunday:                           00:00 – 23:59

Contact Info
  • Balstrupvej 90, 4100 Ringsted
  • +45 70 60 42 24
  • contact@cyber-detector.com
  • VAT: 45773752
Book a meeting
Book a meeting