Configuring Barracuda for Phin Security Integration

If using Barracuda, admins may need to configure their Barracuda instance to accommodate Phin IPs, URLs, and domains.

If you have any issues with Barracuda, please reach out to the Barracuda support team.

Allowlisting

If you are using Barracuda’s Email Security Service (ESS), follow these steps to allowlist Phin’s phishing-simulation traffic by IP address:

1. Log in to your Barracuda Cloud Control portal.
2. Navigate to:
  Email Security → Inbound Settings → IP Address Policies
3. In the IP Blocking / Exemption section, use the top entry line to add Phin’s IP addresses.
4. Set the Policy field to: Exempt
5. (Optional) Add a comment such as:
  “Phin Simulated Phishing IP Address”
6. Click Add to save the allowlist entry.
7. Repeat steps 3–7 for each of Phin’s IP addresses.

If you are using the Barracuda Email Security Gateway (on-prem appliance)

Log in to your Barracuda Email Security Gateway web interface.
Navigate to:
BLOCK/ACCEPT → IP Filters
In the Allowed IP/Range section, use the top entry line to add Phin’s IP addresses.

Allow/Block List: For more information on how to allowlist in Barracuda, check out the Barracuda Email Security Service - Configuring Inbound Email video.

Bulk Email Exemptions

Exempt trusted email addresses and domains from bulk email detection.

Note that this feature is only available in the new Email Gateway Defense.

In the Bulk email exemptions section, enter the email address or domain.
Select whether this is a sender or a recipient exemption.
Optionally, enter a Comment for the exemption.
Alternatively, use the Bulk Edit button.
Click Add in the Actions column, and click Save Changes.

Barracuda Sender Authentication

For Barracuda Email Security Service (cloud):

Log in to Barracuda Cloud Control.
Go to Email Security > Inbound Settings > Sender Authentication.
In the Use Sender Policy Framework section, add our IP addresses to the SPF exemptions table.

For Barracuda Email Security Gateway (on-premises):

Log in to your Barracuda Email Security Gateway web interface.
Navigate to Email Security > Block/Accept and select Sender Authentication.
In the Sender Policy Framework (SPF) Configuration section, choose Yes.
Add the Phin IP addresses to the exemption list.

Barracuda Advanced Threat Protection (ATP)

If you use Barracuda's Advanced Threat Protection (ATP) and have experienced false clicks or false attachment opens, you can configure exemptions. These exemptions allow phishing test emails from Phin’s IP addresses to bypass PDF scanning.

To set up exemptions to bypass ATP PDF scanning:

Log in to your Barracuda Email Security Gateway web interface.
Go to the ATP Settings tab.
Enter the IP addresses.
Click Add.

Barracuda Sentinel – Allow Senders List

Using Barracuda Sentinel’s Allow Senders list lets Phin emails bypass your organization’s existing allowlisting rules. For more details, see Barracuda’s How to Allow Senders article.

To add senders to your Allow Senders list:

Log in to your Barracuda admin console.
Click Dashboard in the console menu.
Click the Settings icon (gear).
Select Allowed Senders.
Enter the domain(s) name in the Domain field.
- Note: For security reasons, only one domain can be added at a time. Repeat steps 5–7 for additional entries.
Optionally, add a comment for the domain.
Click Save.

Resources

Barracuda Email Security Service - Configuring Inbound Email

Intent Analysis - Inbound Mail

How to Configure Sender Policy Framework

Advanced Threat Protection (ATP)

How to Allow Senders