How to set up a safe listing in Fortinet
Fortinet's FortiMail: Configuring the safe lists
We recommend safe listing BullPhish ID in Fortinet FortiMail if your users experience issues in receiving phishing simulation/training emails. The instructions below include information from Configuring the block lists and safe lists. If you run into issues with safe listing BullPhish ID in FortiMail, we recommend contacting FortiMail for specific instructions. You can also contact our support team whenever you need assistance.
- Go to Security »Block/Safe List » System.
- To allow email by sender, select Safe from the List
- Click New to add an email address, domain name, or IP address of the sender you wish to add to the block or safe list. For valid formats, see About block list and safe list address formats. Or the most up-to-date list of our IP addresses, please see Guides & FAQ -> Reference Guide for Deliverability
- Click Create.
Fortinet's FortiGate: Safelisting by Static URL Filter
We recommend safe listing BullPhish ID in Fortigate's web filter if your users experience issues accessing our landing pages or training portal. The instructions below include information from FortiGate's Static URL Filter article. We recommend contacting FortiGate for specific instructions if you run into issues safe listing BullPhish ID in FortiGate.
- You can also contact our support team whenever you need assistance.
- You can allow access to our phish and landing domains by adding them to your Static URL Filter list in your Fortigate firewall. The FortiGate web filter enables web pages to match the URLs you specify.
Note: Safelisting with web rating overrides is another method of safe listing offered by Fortinet. This method is for organizations using Fortiguard categories. For more information on this method, please see Fortinet's Web rating override article.
- Log in to your Fortinet account.
- Navigate to Security Profiles » Web Filter.
- Create a new web filter or select one to edit.
- Expand Static URL Filter, enable URL Filter, and select Create.
- Enter the URLs without the "HTTPS." You can find a list of phishing/training URLs under the Guides & FAQ -> Reference Guide for Deliverability guide » Training and Phishing Simulation URLs section
- Select Type: Simple
- Select the Action to take against matching URLs: Allow
- Confirm that Status is enabled.