If you have a cloud-based spam filter in front of GSuite this would be the suggested setting. If you are using GSuite for your mail without an additional spam filter, you can Trust-listing by IP Address instead. You will also need to trust-list the Cyber Risk Aware Domain and IP address in your cloud-based spam filter to make sure successful delivery of emails.


  1. Sign in to your Google Admin console.

    Sign in using an administrator account, not your current account ie [email protected]

  2. From the Admin console dashboard, go to Appsand thenGoogle Workplaceand thenGmailand thenCompliance.

  3. Under the Compliance section, scroll to the Content Compliance section.

  4. Click on Add another rule.

  5. Check the box next to Inbound and Internal - receiving under 1. Email messages to affect

  6. Under 2. Add expressions that describe the content you want to search for in each message Select If ANY of the following match the message in the first drop-down menu.

  7. Click Add below the Expressions tab.

  8. From the second drop-down menu, select Advanced content match

  9. Fields should read as follows

    • Advanced content match
    • Location should be Full Headers
    • Match type should be  Contains text
    • Content should be X-Cra-CamMail
    • SAVE the form
  10. In the 3. If the above expressions match, do the following section, select Bypass spam filter for this Message under Spam and click SAVE.



Upon making these changes, please wait an hour or so before testing to allow changes to replicate throughout the system. We would advise testing a phishing campaign on yourself or a small group to confirm that the changes you made were successful.