Configuring Gmail for Secure Schools Phishing Simulations

Critical configuration information to ensure the successful implementation of our Phishing Simulations

Without completing this step, Google's scanning systems will likely regard phishing simulation emails as spam or phishing and block them. At the same time, it's also important not to undermine the inbuilt security features of Google Workspace and Gmail, which could allow an attacker to spoof the domain names used by our phishing simulator.

To ensure that Secure Schools Phishing Simulations are successful and safe, the school or trust's email environment must be configured to recognise the emails as trusted phishing simulations.

The objectives of this guide are as follows:
  • Gmail takes no action for Secure Schools Phishing Simulations
  • Keep SPF, DKIM and DMARC controls in place
  • Keep malware controls in place.
With the above in mind, follow these step-by-step instructions to allow Secure Schools Phishing Simulation emails through the Gmail filters while maintaining SPF, DKIM and DMARC controls.

Allow listing Secure Schools' Phishing Domain

Step 1: Log in to admin.google.com
From the vertical menu, click on Apps, select Overview from the drop-down list, and then select Google Workspace.
Step 2: Select Gmail
Step 3: From the Gmail settings, scroll down and click on 'Spam, Phishing and Malware'.
 
Step 4: In the Spam section, click CONFIGURE.

Step 5: Add a description (e.g., Secure Schools Phishing Domain).
Click on Create or edit list.
Step 6: Click on ADD ADDRESS LIST
 
Step 7: Add the Secure Schools Phishing Domains listed below, leaving 'Authentication required (received mail only)' ticked for each so that sender authentication still applies to these domains.
  1. emaildistributionhub.co.uk

  2. notificationdistributionhub.co.uk

  3. emaildistributionhub.com

  4. notificationdistributionhub.com

  5. emaildispersalhub.co.uk

  6. emaildispersalhub.com

  7. maildispersalhub.com

  8. notificationdispersalhub.co.uk

  9. notificationdispersalhub.com

Please note that the above list is regularly updated and may include additional domains not included in the screenshots.

Step 8: Once each has been entered, click Save.
 
Step 9: Click on Use existing list

Step 10: Select the address list you created.
Step 11: Click Save.
Step 12: Navigate back to the Gmail Settings page and select Compliance
 

Step 13: Navigate to the Content Compliance section.

Step 14: Click Add a rule.

Note: If you have previously created a Content Compliance rule, this option will be called Add Another Rule.

Step 15: In the Email messages to affect field, select the Inbound and Internal - receiving check boxes.

Step 16: Under the Expressions tab, click the first drop-down menu.

Step 17: From the first drop-down menu, select if ANY of the following match the message and click Add.

Step 18: Update the settings in the Add expressions that describe the content you want to search for in each message area. For more information about these settings, see the screenshot and list below:


i) From the first drop-down menu, select Advanced content match.
ii) In the Location field, select Full headers.
iii) In the Match type field, select Contains text.
iv) In the Content field, enter the header text.
(The Secure Schools header is X-PHISHTEST)
v) Click Save.

 
Step 19: In the If the above expressions match, do the following field, select the Bypass spam filter for this message check box under Spam, and click Save.
Congratulations, your school or trust's Google Workspace tenancy has been configured to receive phishing simulation emails safely!
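
To confirm the guide's objectives after a test simulation, the following added example (not part of the original guide or of Secure Schools' tooling) audits the raw headers of a delivered message, as copied from Gmail's "Show original" view: it checks for the X-PHISHTEST header, a From domain on the Step 7 list, and SPF, DKIM and DMARC passes recorded by the receiving server. The function name, the `mx.google.com` authserv-id, the exact-match domain rule and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Domains from Step 7 of this guide (the vendor's list may change).
SIM_DOMAINS = {
    "emaildistributionhub.co.uk", "notificationdistributionhub.co.uk",
    "emaildistributionhub.com", "notificationdistributionhub.com",
    "emaildispersalhub.co.uk", "emaildispersalhub.com", "maildispersalhub.com",
    "notificationdispersalhub.co.uk", "notificationdispersalhub.com",
}
TRUSTED_AUTHSERV = "mx.google.com"  # assumption: authserv-id Gmail stamps

def audit_message(raw):
    """Return a list of problems; an empty list means a clean simulation."""
    msg = message_from_string(raw)
    problems = []
    if msg.get("X-PHISHTEST") is None:
        problems.append("no X-PHISHTEST header")
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain not in SIM_DOMAINS:  # exact match only (assumption)
        problems.append("From domain not in address list: " + domain)
    # Read only results added by our own receiver (RFC 8601 authserv-id).
    results = " ".join(
        h for h in msg.get_all("Authentication-Results", [])
        if h.split(";")[0].strip().lower() == TRUSTED_AUTHSERV)
    for mech in ("spf", "dkim", "dmarc"):
        found = re.search(r"\b%s=(\w+)" % mech, results, re.I)
        verdict = found.group(1).lower() if found else "missing"
        if verdict != "pass":
            problems.append("%s=%s" % (mech, verdict))
    return problems

# Constructed sample messages (not real traffic); header value is made up.
GOOD = ("Authentication-Results: mx.google.com;\n"
        "       dkim=pass header.i=@emaildistributionhub.co.uk;\n"
        "       spf=pass smtp.mailfrom=b@emaildistributionhub.co.uk;\n"
        "       dmarc=pass header.from=emaildistributionhub.co.uk\n"
        "From: IT Support <it@emaildistributionhub.co.uk>\n"
        "X-PHISHTEST: constructed\n\nbody\n")
BAD = ("Authentication-Results: mx.google.com;\n"
       "       spf=softfail smtp.mailfrom=b@emaildistributionhub.co.uk;\n"
       "       dmarc=fail header.from=emaildistributionhub.co.uk\n"
       "From: IT Support <it@emaildistributionhub.co.uk>\n"
       "X-PHISHTEST: constructed\n\nbody\n")

if __name__ == "__main__":
    for name, raw in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit_message(raw) or "ok")
```

A message that carries the header but returns any problem here is one the spam bypass in Step 19 should not be relied on for, and is worth reviewing in the admin console's email logs.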