CyberHoot’s Email-Relay IP Addresses, Domains, and Allow-list Articles

Updated: August 9th, 2023

This article is a reference to CyberHoot’s mail relay IP Addresses and Domain names.  The process of allowing phishing tests through to your end users inboxes is dependent upon your mail and spam filters.  CyberHoot provides instructions and scripts on bypassing Microsofts Spam, Clutter, and Junk filters as well as adding our mail domains to the safe senders lists.  

Please note that if you are using multiple filters in series, you will also need to set up X-Headers in addition to allow lists to deliver email to your end users.  You may wish to run powershell scripts we have prepared to make your life easier.

CyberHoot Training Assignments Relay:

CyberHoot assignments are delivered via email.  Currently, all assignments flow through AWS SES, as such, there is no need to create an allow list as AWS SES reputation is excellent, but if you choose to, you can add our domain name and the following IP addresses below to the allow list.

  • DNS Name:  cyberhoot.com
  • IP Addresses: 54.240.125.36/32 and 54.240.125.37/32

Phishing Test Mail Relays

If you are planning on sending traditional (attack-based) Phishing Tests to your clients and prospects, you will need to enable all of CyberHoot’s Email Relays shown below:

DNS Names:

  • ch-account-2fa.com
  • ch-contact-us.com
  • ch-login-created.com
  • ch-password-reset.com
  • ch-security-alert.com

IP Addresses:

  • 3.212.253.236/32
  • 34.235.208.123/32
  • 44.209.10.205/32
  • 52.200.160.242/32
  • 54.164.218.52/32

*As of June 28th, 2023 all of CyberHoot’s Phish testing will be sent from these IP addresses.

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.