Since official and unofficial documentation seems lacking about configuring Phish Threat to make it work together with Gmail / Google Workspace, I share my settings in case anyone else is facing these issues.
All settings need to be applied to your Google Admin Console. Navigate to Apps / Google Workspace / Gmail / Spam, Phishing and Malware. Under Organizational Unit, select your top-level organization (typically your primary domain) on the left, then:
- Add Phish Threat IP addresses to be whitelisted (found in Phish Threat Dashboard / Settings / Domains) to the Email whitelist configuration.
- Add Phish Threat IP addresses to be whitelisted to the Inbound Gateways configuration, then make sure to activate the message tagging option, enter a long random string in the Regex field, select the message is spam if regex matches option and tick Disable Gmail spam evaluation on email from this gateway, only use header value. Warning: make sure that these settings do not conflict with the use of the inbound gateway for other purposes in your specific configuration.
- Add domains used by Phish Threat (found in Phish Threat Dashboard / Settings / Domains) in a custom list and add the list to the Spam configuration.
Information adapted from an article found on a well documented Phish Threat competitor's KB ;-)
Moreover, according to my experience it's not needed to disable the Enhanced pre-delivery message scanning as was suggested here (https://community.sophos.com/phish-threat/f/discussions/93692/issue-with-delivery-of-emails-to-gmail-addresses) 4 years ago, by the way it would weaken Gmail malware detection capabilities, not a wanted side effect.
Edit: configuration tested again on 15 June 2022 and still working for me
This thread was automatically locked due to age.