Trust-listing is an important facility for the successful implementation and usage of the Cyber Risk Aware Platform. All clients of the Cyber Risk Aware platform MUST whitelist our mail server to allow the successful delivery of Mock Phishing and Training emails. This is a requirement for all mail service providers. 


Trust-listing by IP - Email Security gateway (on-prem):


  1. Log in to your Barracuda Email Security Gateway web interface.
  2. Go to the BLOCK/ACCEPT > IP Filters page.
  3. In the Allowed IP/Range section, enter 192.254.120.51 in the IP/Network Address field.
  4. In the Netmask field, type 255.255.255.255.
  5. Optionally, add a note in the Comment field referencing Cyber Risk Aware.
  6. Click Add to whitelist the IP address.
  7. Complete steps 2 through 6 to add the second IP, 168.245.104.162.



Or trust-listing by domain -  Email Security gateway (on-prem):


  1. Log in to your Email Security Gateway web interface.
  2. Go to the BLOCK/ACCEPT > Sender Filters page.
  3. In the Allowed Email Addresses and Domains section, enter the domain name, cyberriskaware.com to trust-list.
  4. Optionally, add a note in the Comment field.
  5. Click Add to whitelist the entered domain
  6. Complete steps 2 through 5 for the remainder of the domains below.





Trust-listing by IP - Email Security Service (cloud):


  1. Log in to your Barracuda Cloud Control.
  2. Go to the Email Security > Inbound Settings > IP Address Policies.
  3. In the IP Blocking / Exemption section, enter 192.254.120.51 in the IP/Network Address field.
  4. In the Netmask field, type 255.255.255.255.
  5. Optionally, add a note in the Comment field referencing CyberRiskAware.
  6. Click Add to whitelist the IP address.
  7. Complete steps 2 through 6 to add the second IP, 168.245.104.162.


Other articles that may be relevant depending on setup are:


https://campus.barracuda.com/product/emailsecurityservice/doc/3211276/intent-analysis-inbound-mail/?welcome-to-campus=techlibrary – Trust-listing may be needed to prevent URLs in simulated phishing templates from being altered.


https://campus.barracuda.com/product/emailsecuritygateway/doc/3866643/sender-authentication - If you are intending to spoof your own domain in simulated phishing campaigns you will need to update your SPF records with our IP addresses (192.254.120.51 and 168.245.104.162).