Whitelisting with Google Apps

Version 5

    The Google Apps antispam system uses a unique means of whitelisting. Customers on shared IPs should whitelist Marketo's entire sending ranges, because we sometimes need to move customers between IPs for technical reasons. The way to whitelist a range in Google Apps is to configure a manual IP block with a pass through.

     

    G Suite enables you to specify an IP address or range of addresses within a domain, and allow messages from those addresses only. This feature is sometimes referred to as IP lock. In G Suite, you set up this feature in the Content compliance setting.

    IP lock is a method that readily enables an administrator to simultaneously whitelist all incoming traffic from a particular domain while equally preventing spoofing by manually defining the allowed IP ranges. The following instructions are particularly useful with domains that do not have an SPF record and/or use third party applications to legitimately spoof their address.

    Setting up IP lock with the Content compliance setting includes three separate procedures: Adding the domain, defining the allowed IP range, and setting the correct disposition and NDR.

     

    See this page of Google documentation for more information:

    Enforce 'IP lock' in G Suite - G Suite Administrator Help

    Instead of using a CIDR range, this interface asks for the first and last IPs in the given range. Here are ours:

     

    199.15.212.0 - 199.15.212.255

    199.15.213.0 - 199.15.213.255

    199.15.214.0 - 199.15.214.255

    199.15.215.0 - 199.15.215.255

    192.28.146.0 - 192.28.146.255

    192.28.147.0 - 192.28.147.255

    94.236.119.0 - 94.236.119.63

    185.28.196.0 - 185.28.196.255

    103.237.104.0 - 103.237.104.255

    103.237.105.0 - 103.237.105.255

     

    Is this article helpful ?

    YesNo