This document will demonstrate how to Allowlist in Sophos for the MetaCompliance Phish Module.  

1. Access the Sophos Central Cloud Admin Console.
2. Navigate to the Email Security Dashboard > General Settings.
3. Select 'Inbound Allow/Block', then click Add.
   (Please note: The example below displays the IP addresses for our European Data Centre. You will need to add the appropriate Data Centre IP addresses provided by your MetaCompliance Onboarding Technical Representative.)
   The list of Phish Sending IP Addresses for each Data Centre are available here.
4. Click Save. It is essential to add both 'Simulated Phish' sending IP addresses for your selected Data Centre.

Web Filtering - Add trusted sites to the URL Allow List in order to bypass scanning and blocking.

1. Go to Settings > Email Security - URL Allow List
2. Select Add, then enter the relevant simulated phishing domains using the following format:
   *.domain.name
   For example: *.amaz0n.website

3. After adding all pertinent domains, please save your changes and inform your MetaCompliance Support Representative.

   Note: MetaCompliance owns approximately 150+ simulated email domains. It is not necessary to add all of them; you may select a few domains that you intend to use and add those only. The complete list of domains that we own are available here.