HowTo: Whitelist by X-Header in GSuite/Google Apps

The instructions below will show you how to whitelist CyberHoot’s phishing training/test emails by email header in your GSuite environment. This article reflects our most up-to-date best practices for whitelisting with your provider. Please be aware that your mail service provider may make changes to how their systems analyze our emails at any time. If you are having issues whitelisting using the procedure below, please contact our support@cyberhoot.com and we will work with you the best we can. 

  1. Log on to https://admin.google.com and click Apps.

  2. Click G Suite then Gmail.

     

  3. Click Advanced Settings

     

  4. Navigate to the Compliance section of the General Settings tab.
  5. Hover over the Content Compliance field and click Edit.
  6. Under the Email messages to affect field check Inbound and Internal – receiving.
  7. Click ADD under the Add expressions that describe the content you want to search for in each message

 

    • From the first drop-down menu, select if ANY of the following match the message.
    • From the second drop-down menu, select Advanced content match.
    • In the Location field, select Full headers.
    • In the Match type field, select Contains text.
    • In the Content field, enter the header text. The default CyberHoot header is Become_More_Aware
    • Click SAVE
  1. If the above expressions match, do the following field, select Bypass spam filter for this Message under Spam.

Your Final Content Compliance Setting Screen

We recommend setting up a test phishing campaign for yourself or a small group after you follow the previous steps to ensure your whitelisting was successful. 
Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.