Articles on: 👍 Initial Setup

❇️ How to allow Arsen simulations by IP address on Google Workspace/Google Apps? (Recommanded)

This process allows you to authorize our phishing simulations if you are using Google Workspace or Google Apps.

If you have a cloud filtering system (anti-spam, anti-phishing) upstream, we recommend authorizing our phishing simulations on Google Workspace/Apps through the email header authorization process and authorizing us with your filtering solution via our IP address.


Step 1: Add the Arsen IP address to your whitelist
Step 2: Add the IP address as an inbound gateway.


To be able to apply this procedure, you must have access to the administration console of your Google Workspace / Google Apps account.

Step 1: Add the Arsen IP address to your whitelist

Log in to

Select Applications

Select Google Workspace

Click on Gmail

Select Spam, phishing and malware (this setting may be in the Advanced Settings menu in previous versions of Google Apps)

On the left, in organizational unit, select your primary domain name

In the Whitelist section, enter the IP address and click Save

From now on, our emails will arrive in your employees' inbox.

However, you also need to follow the next step to avoid banners that could artificially improve your employees' detection capacity.

Step 2: Add the IP address as an inbound gateway

This step reduces the number of visual alerts in your employees' mailbox for our phishing simulations.

Still in Admin Console > Apps > Google Workspace > Gmail

Select Spam, Phishing and Malware.

Click on the Inbound Gateway section.

Select the Enable checkbox

In the Gateway IPs table, click ADD and enter the IP address and click Save

Select Require TLS for connections from the email gateways listed above and ensure Automatically detect external IP (recommended) and Reject all mail not from gateway IPs are NOT selected.

⚠️ Unless you know what you are doing, we don't recommend selecting Reject all mail not from gateway IPs as it could prevent external emails reaching your mailbox (read more about it). Read more

In Message Tagging, select Message is considered spam if the following header regexp matches

In the Regex text field, enter an arbitrary value such as fjlriohdftoiuyagdfjhvkbj. This value will never match a header that we will send, which will bypass spam detection through the following two steps.

Select Message is spam if regexp matches

Select Disable Gmail spam evaluation on mail from this gateway; only use header value.

Click SAVE to complete this step.

Updated on: 07/11/2023

Was this article helpful?

Share your feedback


Thank you!