topic Re: Workspace Allowlist in Peer-Peer Topics

Workspace Allowlist

alexgrutza — Tue, 23 Jul 2024 18:42:40 GMT

What are people's thoughts on having 122 IPs/ranges in the allowlist? If the sender has their email system configured properly, shouldn't we not have to have their IPs in the allowlist?

I'm doing some cleanup in preparation for switching to mimecast email gateway, and am wanting to clean up as much old stuff that was improperly configured before my time as possible, and I feel like this is a big one.

Shouldn't a lot of these spam filtering be based on email address instead of IP? We have a lost of amazon IP's and it's probably because a system of ours is ran through a vendor that's running on aws...

Re: Workspace Allowlist

Kim_Nilsson — Mon, 05 Aug 2024 14:19:53 GMT

Just checked and then changed our settings today.
https://admin.google.com/ac/apps/gmail/spam?hl=en

Cleared it out, so it looks this nice now. 🙂

Earlier this year, I had three (3) IPs there, all part of an anti-phishing training campaign, where you have to tell Gmail to ignore such emails, else Gmail will absolutely tag them as spam. 🙂

So, NO, having 122 IPs excluded is NOT normal or recommended.

I also recommend telling your vendors to use proper SPF and DKIM, and just let them send from their own domains. I don't want people learning that it's fine to receive emails from external services with spoofed addresses from our domain.

Re: Workspace Allowlist

alexgrutza — Mon, 05 Aug 2024 15:06:01 GMT

Yeah I'm going to be clearing it out except for very specific systems (phishing training, emergency alert system, student admission system, etc)