PhishProof Prerequisites

Written By Marissa Fegan (Super Administrator)

Updated at February 11th, 2026

Table of Contents

Universal Allowlisting (Required for all Delivery Methods) Direct-to-Inbox Configuration Conventional Email Delivery Additional Configuration

To ensure our simulated phishing campaigns and training notifications successfully reach your users, it's essential to add our IP addresses, domains, and URLs to your allowlists. This guide provides the prerequisites and instructions to do just that, with dedicated sections at the bottom tailored for your environment.

We will be sending simulated phishing emails from outside your network. Completing the tasks below is essential to ensuring successful email delivery.

Add Exceptions for Phishing Simulations

There are two delivery methods for routing PhishProof emails to your organization: Direct-to-Inbox (DTI) or Conventional Email Delivery.

Universal Allowlisting (Required for all Delivery Methods)

Regardless of your delivery method (Conventional or DTI), the following domains must be added to your email security solution (IDS, Firewall, or Cloud Filter) to ensure landing pages and educational content are accessible.

The following has been formatted for easy copying from here and pasting into a CSV for importing.

PhishProof Landing Page and Template Domains

*.phishproof.com

accountsecurity.online
amznbks.com
bankameriica.com
certifyjob.com
clickweb.solutions
faceboookfriendster.com
filescanners.org
formsmail.com
funitgames.org
googllesecurity.net
ibsbanks.com
mailsystems.online
securityadmin.net
securityalert.org
starrwood.net
systemadsmin.org
twitttersocialpage.com
upssite.com
uspostallservice.com
wallgreenspharm.com
web-access-alerting.com
boxfilesshare.com
docutransfers.com
employee-rewards.net
hr-rewardscenter.com
hq-administrators.com
itpatching-installs.com
corp-addmin.com
admin-tokenalert.com
sso-server.com
login-microsoft.com

Direct-to-Inbox Configuration

If your organization uses Microsoft 365 as your email platform, you must configure Direct-to-Inbox (DTI). Failure to use DTI will result in PhishProof campaigns being blocked or filtered, preventing simulations from reaching your users' inboxes.

Please navigate to PhishProof Direct-to-Inbox for complete details on how to configure DTI, including configuring an Inbound Connector in Microsoft 365 and configuring Mail Flow Rules.

Conventional Email Delivery

If you are using conventional SMTP delivery, ensure the IP addresses listed below are permitted through your gateway.

The following has been formatted for easy copying from here and pasting into a CSV for importing.

Sending IP Addresses used for email delivery

69.72.47.208
69.72.47.209
69.72.47.21
69.72.47.210
69.72.47.211
69.72.47.3
69.72.47.30
69.72.47.31
69.72.47.56
159.135.234.148

159.112.248.122

SMTP Relay used by PhishProof

smtp.mailgun.org

Additional Configuration

Select this if your organization uses Microsoft Email Services - Required for both DTI and conventional delivery methods

Select this if your organization uses Microsoft Email Services AND a third-party Secure Email Gateway (including VIPRE Email Security Cloud) - Required only for conventional delivery methods

This section provides the necessary steps to ensure that simulated phishing emails and educational links are delivered and function correctly without being blocked or altered by Microsoft's security filters.

Steps Required for all Delivery Methods

Regardless of your delivery method (Conventional or DTI), action is required to prevent Microsoft Defender SmartScreen from misidentifying safe PhishProof educational landing pages as malicious.

Update Group Policy settings for SmartScreen:

For assistance, refer to the following Microsoft knowledge base articles:
- SmartScreen Settings
- SmartScreenAllowListDomains

Steps Required for Conventional Delivery Only

If your organization uses conventional email delivery, the following configuration is required to further ensure seamless email delivery and proper functionality of your phishing simulations.

Configure Allow-Listing in Microsoft 365 Defender:

Set exceptions in the Microsoft 365 Defender portal to allow simulated phishing emails to bypass filtering; for assistance, refer to Microsoft's knowledge base article

Bypass ATP Link and Attachment Processing:

Create rules in Microsoft 365 to bypass Advanced Threat Protection (ATP) processing for links and attachments in simulated phishing emails; follow our process for creating rules to bypass Microsoft ATP

If your organization utilizes Microsoft 365 in conjunction with a third-party Secure Email Gateway (SEG), such as VIPRE Email Security Cloud, additional configuration is required to prevent mail flow disruptions. Due to intermediary routing, Microsoft 365 may not correctly recognize simulation emails as coming from PhishProof when using a third-party cloud filter.

Step 1: Create a Receive Connector in Office 365

A Receive Connector allows emails processed by your third-party filter to enter Microsoft's email service securely.

If you already have a Receive Connector, skip ahead Step 2
For assistance, refer to the following VIPRE resources:
- How to Configure Receive Connectors in Microsoft 365
- How to Block non-VIPRE Email Sources

Step 2: Enable Enhanced Filtering for the Receive Connector in Exchange Online

This ensures that Microsoft recognizes emails routed through your third-party filter as trusted.

For assistance, refer to the following:
- VIPRE Resource: How to Configure Bypass Rules & Enhanced Filtering in Microsoft ATP
- Microsoft Resource: Enhanced Filtering for Connectors in Exchange Online

VIPRE Security Knowledge