The Google Apps antispam system uses a unique means of allowlisting. Customers on shared IPs should allowlist Marketo's entire sending ranges, because we sometimes need to move customers between IPs for technical reasons. The way to allowlist a range in Google Apps is to configure a manual IP block with a pass through.
|
G Suite enables you to specify an IP address or range of addresses within a domain, and allow messages from those addresses only. This feature is sometimes referred to as IP lock. In G Suite, you set up this feature in the Content compliance setting.
IP lock is a method that readily enables an administrator to simultaneously whitelist all incoming traffic from a particular domain while equally preventing spoofing by manually defining the allowed IP ranges. The following instructions are particularly useful with domains that do not have an SPF record and/or use third party applications to legitimately spoof their address.
Setting up IP lock with the Content compliance setting includes three separate procedures: Adding the domain, defining the allowed IP range, and setting the correct disposition and NDR.
|
See this page of Google documentation for more information:
Enforce 'IP lock' in G Suite - G Suite Administrator Help
Instead of using a CIDR range, this interface asks for the first and last IPs in the given range. Here are ours:
199.15.212.0 - 199.15.212.255
199.15.213.0 - 199.15.213.255
199.15.214.0 - 199.15.214.255
199.15.215.0 - 199.15.215.255
192.28.146.0 - 192.28.146.255
192.28.147.0 - 192.28.147.255
94.236.119.0 - 94.236.119.63
185.28.196.0 - 185.28.196.255
103.237.104.0 - 103.237.104.255
103.237.105.0 - 103.237.105.255
130.248.172.0 - 130.248.172.255
130.248.173.0 - 130.248.173.255
Is this article helpful ?
YesNo
.png)