Back to all articles

Allowlisting (Whitelisting) in Barracuda

If you are using Barracuda's Email Security Service (cloud-based), follow these steps to allowlist Barracuda by IP address.

  • Log in to your Barracuda Cloud Control.
  • Go to Email Security > Inbound Settings > IP Address Policies.
  • In the 'IP Blocking/Exemption' section, use the top line to enter one of our IP addresses. This process will need to be repeated for each IP address for SendGrid customers. The IPs are:
    • 167.89.62.239 (Phishing Emails)
    • 168.245.49.92 (Registration Emails)
    • For AWS customers, the IPs are 54.240.90.56 and 54.240.90.57
  • In the 'Netmask' field, type 255.255.255.255.
  • Set the 'Policy' field to Exempt.
  • If you wish, add a note in the 'Comment' field, e.g. MetaCompliance Simulated Phishing IP Address.
  • Click Add to allowlist the IP address.
  • Repeat Steps 2 through 7 for each of the MetaCompliance IP addresses.

If you are using Barracuda's Email Security Gateway (on-premises), follow these steps to allowlist Barracuda by IP address:

  • Log in to your Barracuda Email Security Gateway web interface.
  • Go to the BLOCK/ACCEPT>IP Filters page.
  • In the 'Allowed IP/Range' section, use the top line to enter one of our IP addresses. This process will need to be repeated for each IP address for SendGrid customers. The IPs are:
    • 167.89.62.239 (Phishing Emails)
    • 168.245.49.92 (Registration Emails)
    • For AWS customers, the IPs are 54.240.90.56 and 54.240.90.57.
  • In the 'Netmask' field, type 255.255.255.255.
  • Set the 'Policy' field to Exempt.
  • If you wish, add a note in the 'Comment' field, e.g. MetaCompliance Simulated Phishing IP Address.
  • Click Add to allowlist the IP address.

Barracuda Intent Analysis

You may need to allowlist us in Barracuda's Intent Analysis feature to prevent the URLs in simulated phishing tests from being altered, potentially resulting in skewed phishing test results. See this article from Barracuda explaining this process.

If you are using Barracuda's Email Security Service (cloud-based), follow these steps to allowlist Barracuda's Intent Analysis:

  1. Log in to your Barracuda Cloud Control.
  2. Navigate to Email Security>Inbound Settings>Anti-Phishing.
  3. Under the 'Intent' section, add the hostnames. Make sure the 'Policy' drop-down is set to Ignore.

If you are using Barracuda's Email Security Gateway (on-premises), follow these steps to allowlist Barracuda's Intent Analysis:

  1. Log in to your Barracuda Email Security Gateway web interface.
  2. Navigate to Email Security Gateway > Basic > Spam Checking.
  3. Under the 'Intent Analysis' section, add the hostnames to the URI Exemptions text box field.

Barracuda Advanced Threat Protection (ATP)

If you are using Barracuda's Advanced Threat Protection (ATP), and have experienced false clicks or false attachment opens, you can set up Exemptions to allow you to bypass PDF scanning for phishing test emails from our IP addresses.

To set up Exemption addresses to bypass ATP PDF Scanning:

  1. Log in to your Barracuda Email Security Gateway web interface.
  2. Select the 'ATP Settings' tab.
  3. Enter the IP address(es) and Subnet Mask(s). 
  4. Click Add.

Barracuda Sentinel Allow Senders

Using Barracuda Sentinel’s 'Allow Senders' list allows MetaCompliance emails to bypass your organisation’s current allowlisting rules. See Barracuda’s How to Allow Senders article for more information.

To add specific senders to your 'Allow Senders' list:

  1. Log in to your Barracuda admin console.
  2. Click Dashboard in your console menu.
  3. Select the 'Settings' icon which should appear as a 'cogwheel'.
  4. Click Allowed Senders.
  5. Enter one email address or domain name into the Sender Email or Domain field.
  6. You can add a comment to your email address or domain name if you wish.
  7. Click Save.

The hostname and Sender domain will be the same. It will depend on whichever sender email address you select during phish creation, i.e. internalmail.info