Security Awareness Safelisting in Proofpoint Protection Services

Create a Policy Route of the necessary IPs

1. Click on System at the top, then Policy Route on the menu on the left
2. Click New Route at the top of the page
3. Give the Route an ID (No Spaces) and a Description (Suggest Proofpoint_PSAT)
4. Click on Add Condition
5. Select Sender IP Address for the Condition
6. Select Equals for the Operator
7. Enter one of the IP addresses for your region (Safelisting Guide)
8. Click Add and New Condition to enter the next IP
9. Repeat Steps 4 ~ 8 using the OR radio button at the top until all IPs are entered
10. Click Add Condition to close the pop-up
11. Click Save Changes at the top to save the Policy Route

Use the Policy Route to bypass the Spam Module

1. Click on Email Protection > Spam Detection > Settings > General
2. Verify Disable Processing for Selected Policy Routes is enabled
   • If not, click the checkbox to enable the feature
3. Select the Proofpoint_PSAT Policy Route from the list and use the >> button to move it to the Disable for any of box
4. Click Save Changes

Use the Policy Route to Bypass the Anti-Spoofing Rules

1. Click on Email Protection > Email Firewall > Rules
2. Click Edit Rule for your current, active, anti-spoofing rule
3. Under Conditions, verify Disable Processing for Selected Policy Routes is enabled.
   • If not, click the checkbox to enable the feature
4. Select the Proofpoint_PSAT Policy Route from the list and use the >> button to move it to the Disable for any of box
5. Click Save Changes

Use the Policy Route to Bypass the Anti-Virus Rule (CLEAR Implementations)

1. Click on Email Protection > Virus Protection > Settings > Rules
2. Verify Disable Processing for Selected Policy Routes is enabled
   • If not, click the checkbox to enable the feature
3. Under Conditions, verify Disable Processing for Selected Policy Routes is enabled
   • If not, click the checkbox to enable the feature
4. Select the Proofpoint_PSAT Policy Route from the list and use the >> button to move it to the Disable for any of box
5. Click Save Changes

Use the Policy Route to Bypass TAP Attachment Defense

1. Click on Email Protection > Targeted Attack Protection > Attachment Defense > Settings
2. Verify Disable Processing for Selected Policy Routes is enabled
   • If not, click the checkbox to enable the feature
3. Select the Proofpoint_PSAT Policy Route from the list and use the >> button to move it to the Disable for any of box
4. Click Save Changes 

Note: The policy route built to tag the Phishing  messages should also be disabled on the System > Settings > System menu, under the Enable Traffic Statistics Feedback to Proofpoint options, in the Disable Processing list.

IMPORTANT: If additional filtering is occurring after PPS\TAP, it will be necessary to create an additional rule to add a header and value to the email for further safelisting downstream.

Create a Rule for adding a header using the created Policy Route

1. Click on Email Protection > Email Firewall > Rules
2. Click Add Rule
3. Enable the new rule by clicking the On option under Enable
4. Give the Route an ID (No Spaces) and a Description
5. Click the option to Restrict Processing and select the Policy Route previously created
6. Click Add Condition
7. Select Message Size for the Condition and Greater Than or Equal for the Operator
8. Set the Value for 1 then click Add Condition
9. Under Dispositions, click Change Message Header
10. Select Add Header for the Operation
11. Provide a name for the Header, then add a Value
12. Click Add, then Save to make the rule active

Note: When generating a header, create one that aligns to your organization’s standards and allows Administrators to easily identify.

If the message from the Platform is still being blocked, first use PPS SmartSearch and Exchange Search to see what is blocking the messages.