If you are using Barracuda Email Security Gateway or Barracuda Email Security Service, you may need to allow-list usecure’s phishing simulation and security awareness training emails to ensure they are delivered successfully to your users.
This guide explains how to configure allow-listing within Barracuda for:
Before You Begin
Before configuring allow-listing in Barracuda, ensure you have access to:
Your Barracuda administration console
usecure’s current sending IP addresses and domains
You should also verify whether you are using:
Barracuda Email Security Service (Cloud)
Barracuda Email Security Gateway (On-Premises)
The configuration steps differ slightly depending on your deployment type.
Allow-Listing by IP Address
Barracuda Email Security Service (Cloud)
To allow-list by IP address in Barracuda Cloud Control:
Log in to your Barracuda Cloud Control portal.
Navigate to: Email Security > Inbound Settings > IP Address Policies
Under IP Blocking / Exemption, enter one of usecure’s IP addresses.
In the Netmask field, enter:
255.255.255.255This value specifies that the rule applies to a single IP address only.
Set the Policy field to:
ExemptOptionally, add a comment such as: 'usecure Allow-List'
Click Add.
Repeat the process for all usecure IP addresses.
Barracuda Email Security Gateway (On-Premises)
To configure allow-listing on Barracuda Email Security Gateway:
Log in to the Barracuda Email Security Gateway web interface.
Navigate to: BLOCK/ACCEPT > IP Filters
Under Allowed IP/Range, enter one of usecure’s IP addresses.
Enter
255.255.255.255in the Netmask field.Set the Policy field to:
ExemptOptionally, add a comment. For example 'usecure Simulated Phishing IP Address'.
Click Add.
Repeat for all usecure IP addresses.
Configure Intent Analysis Exemptions
Barracuda’s Intent Analysis feature may rewrite or analyse links contained within simulated phishing emails. This can interfere with phishing simulations and tracking accuracy.
Barracuda Email Security Service (Cloud)
Log in to Barracuda Cloud Control.
Navigate to: Email Security > Inbound Settings > Anti-Phishing
Under the Intent section:
Add usecure domains
Set the policy to:
Ignore
Barracuda Email Security Gateway (On-Premises)
Log in to the Barracuda Email Security Gateway interface.
Navigate to: Basic > Spam Checking
Under Intent Analysis, add usecure domains to the
URI Exemptionsfield.
Configure Sender Authentication (SPF) Exemptions
If you are using domain spoofing in phishing simulations, Barracuda SPF checks may block or quarantine simulation emails.
Barracuda Email Security Service (Cloud)
Log in to Barracuda Cloud Control.
Navigate to: Email Security > Inbound Settings > Sender Authentication
Add usecure IP addresses to the SPF exemption list.
Barracuda Email Security Gateway (On-Premises)
Log in to the Barracuda Email Security Gateway interface.
Navigate to: BLOCK/ACCEPT > Sender Authentication
Under Sender Policy Framework (SPF) Configuration, ensure SPF checking is enabled.
Add usecure IP addresses to the exemption list.
Configure ATP Exemptions
Barracuda Advanced Threat Protection (ATP) may scan attachments or links within simulated phishing emails, causing false positives or inaccurate reporting.
To configure ATP exemptions:
Log in to the Barracuda Email Security Gateway interface.
Navigate to: ATP Settings
Add usecure IP addresses and subnet mask to the exemption list.
Click Add.
Configure Barracuda Sentinel Allow Senders
If your organisation uses Barracuda Sentinel, you may also need to configure allowed senders. To add allowed senders:
Log in to the Barracuda admin console.
Select: Dashboard > Settings (Gear Icon) > Allowed Senders
Enter a sender email address or domain.
Optionally, add a comment.
Click Save.
Note: Barracuda Sentinel only allows one email address or domain to be added at a time.
Verify Your Configuration
After configuring your allow-list settings, send a test phishing simulation to confirm emails are delivered correctly and links are not modified by Barracuda security features.