Skip to content
English
More support Sign in
Contact us
  • There are no suggestions because the search field is empty.

Phishing Configuration Advanced Troubleshooting

Determining what may be causing unexpected results and behaviour when setting up phishing simulations

Although most customers will find the steps in the Microsoft and Google guides to be sufficient, there may be others that have additional services and platforms that also require configuration to allow both sign-in and phishing simulations to work as expected. 

The specific steps will vary depending on which provider you're using, and what level of services you've subscribed to. These services might include (but aren't restricted to):

  • Mimecast
    e.g. Email Security Cloud Gateway; Email Security Cloud Integrated; DMARC Analyzer; Secure Messaging; Web Security; etc. 
  • Barracuda
    e.g. BarracudaONE; Email Protection; Email Threat Scanner; Data Inspector; Web Security Gateway; etc.
  • Fortinet
    e.g. FortiMail Workspace Security; 
  • Sophos
    e.g. Sophos Email; Sophos Firewall; Sophos Endpoint; Sophos Central; Sophos Protected Classroom; etc.
  • Proofpoint
    e.g. Advanced Threat Protection; Email Protection
  • Trend Micro
    e.g. Trend Vision One;

With any of these services and providers, it is critical to ensure that the domains and IP addresses used by Secure Schools are added to any approved lists across the whole suite.

Magic Link emails are not working

If you’re trying to sign in using our Magic Link email system, but the link keeps saying it’s already been used, an additional email protection service is likely intercepting the email.

While updating the relevant service is the best solution, as a short-term workaround, you can use the option to sign in using Microsoft or Google.

No emails are delivered

If no emails are being delivered to your inboxes, even in the Junk or Spam folders, then you should ensure that all the domains and IP addresses listed on our KB have been added to your approved lists. Note that these are updated and maintained regularly, so it's worth checking them to see if any have been added since you configured your settings. 

Images are not displaying in phishing simulations

If you’re receiving phishing emails, but they are not displaying the images correctly, or they are obscured, this can also be due to a part of your security suite restricting the visibility of these. Again, the initial step should be to ensure that all the domains and IP addresses listed on our KB have been added to your approved lists. 

In addition, if your security suite provides for blocking image URLs discretely, using an Image Proxy or similar solution, then you should add the following domain(s) to the appropriate settings. 

secure-schools-production.s3.eu-west-1.amazonaws.com/
secure-schools-production-us-east.s3.amazonaws.com/
secure-schools-production-ap-southeast.s3.ap-southeast-2.amazonaws.com/

If you're using Google Workspace or Google for Education, then there are specific guidelines to follow here.