Whitelisting PhishGuard in Sophos

Whitelisting PhishGuard in Sophos

The following instructions are meant to help you whitelist the PhishGuard domains and IPs.

Sophos Email Appliance (SEA)

Whitelisting in your Sophos Email Appliance (SEA) will allow your users to receive phishing emails from PhishGuard. 

Modify the Allow/Block Lists

The Allow/Block lists allow you to define hosts and senders which are trusted or untrusted. Messages from allowed hosts and senders will bypass Sophos antispam filtering. 

To add PhishGuard to the Allow list:

1. In your SEA manager, navigate to Configuration > Policy > Allow Lists.
2. Click the appropriate list to display the List Editor dialog box.
3. If you have an additional spam filter in front of SEA, select the Senders tab. If you do not have an additional spam filter in front of SEA, select the Hosts tab. 
4. In the Add entries text box, enter each required item* and click Add.
5. What you enter next varies depending on your selection in Step 3.
6. Optionally, you can also add PhishGuard's phish link and landing domains to the Whitelisted URLs list. 

 Sophos Firewalls

Whitelisting in Sophos firewall allows users who've clicked phishing links in the phishing message to access PhishGuard's landing pages. To whitelist in Sophos XG firewalls:

1. use our phish domains and landing domains.
2. Log in to the portal for the firewall.
3. Click on Web, located on the left.
4. Click on Exceptions, located at the top.
5. If you don’t have an exception list, click Add Exception.
6. Provide a name (PhishGuard) and an optional description for the list.
7. Check the boxes to the right under Skip the selected checks or actions for the services you purchased.
8. Check URL pattern matches.
9. Enter each phish and landing domain, one line at a time, in the Search/Add box. XXXXXX and .com represent each phish and landing domain.
10. Click the Save button at the bottom of the page.