IP/Domain Whitelist in Google Workspace

Note: Please contact Sophos Professional Services if you require direct assistance with your specific environment.

Add IPs to the Email Allowlist

  • In Google Admin, go to Apps > Google Workspace > Gmail > Spam, phishing and malware > Select the right Org Unit from left nav >Then select “Email allowlist”

  • Add the relevant IPs that you want to be whitelisted <IPs are different for phish and email>

Add IPs and other settings in the Inbound gateway

  • In the “Spam, phishing and malware”, select Inbound gateway
  • Check ‘Enable’ Gateway IPs. Under Gateway IPs,
    • Add the IPs to be whitelisted <For phish/email>
    • Check “Automatically detect external IPs”
    • Check “Require TLS for connections from the email gateways listed above”
  • Under Message Tagging,
    • Check Message is considered spam if the following header regexp matches
    • Under Regexp, enter a random text that is very unlikely to match with header content
      e.g., “349834hjedjsfkds==-0sdfee3”
    • Select “Message is spam if regexp matches”
    • Check “Disable Gmail spam evaluation on mail from this gateway; only use header value”

(Applicable Only to PhishThreat) Add domains and other settings in “Spam” section

  • In the “Spam, phishing and malware”, select Spam
  • Configure a new spam setting:
  • Finally, click “Save”

Removed KB
[edited by: emmosophos at 12:25 AM (GMT -8) on 28 Jan 2023]