Fortinet safelisting guide

Fortinet's FortiMail: Configuring the safe lists

We recommend safe listing BullPhish ID in Fortinet FortiMail if your users experience issues in receiving phishing simulation/training emails. The instructions below include information from Configuring the block lists and safe lists. If you run into issues with safe listing BullPhish ID in FortiMail, we recommend contacting FortiMail for specific instructions. You can also contact our support team whenever you need assistance.

  1. Go to Security > Block/Safe List > System.
  2. To allow email by sender, select Safe from the List.
  3. Click New to add an email address, domain name, or IP address of the sender you wish to add to the block or safe list. For valid formats, see About block list and safe list address formats. Or the most up-to-date list of our IP addresses, see the article Reference guide for deliverability.
  4. Click Create.

Fortinet's FortiGate: Safelisting by Static URL Filter  

We recommend safe listing BullPhish ID in Fortigate's web filter if your users experience issues accessing our landing pages or training portal. The instructions below include information from FortiGate's Static URL Filter article. We recommend contacting FortiGate for specific instructions if you run into issues safe listing BullPhish ID in FortiGate.

  • You can also contact our support team whenever you need assistance.
  • You can allow access to our phish and landing domains by adding them to your Static URL Filter list in your Fortigate firewall. The FortiGate web filter enables web pages to match the URLs you specify. 

NOTE  Safelisting with web rating overrides is another method of safe listing offered by Fortinet. This method is for organizations using Fortiguard categories. For more information on this method, please see Fortinet's Web rating override article.

  1. Log in to your Fortinet account.
  2. Navigate to Security Profiles > Web Filter.
  3. Create a new web filter or select one to edit.
  4. Expand Static URL Filter, enable URL Filter, and select Create.
  5. Enter the URLs without the "HTTPS." You can find a list of phishing/training URLs in the article Reference guide for deliverabilityin the Training and Phishing Simulation URLs to allow section.
  6. Select Type: Simple.
  7. Select the Action to take against matching URLs: Allow.
  8. Confirm that Status is enabled.