Allowlisting your e-shot domain

What is allow list and why use it?   

Allowlist (previously known as whitelist - see https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white) is essentially a list of email addresses you or your organisation approve as safe senders to help ensure that communication from these senders is trusted and gets delivered and not identified as spam or junk. 

If you use e-shot to send your communication to your subscribers, and it includes contacts in your own organisation, or if you only send internal comms, you may need to ensure that your sender identity is added to your allowlist because your internal systems may identify your external sender address as potentially someone that is trying to impersonate you despite all the correct technical authentication. 

You can include a sender in your allowlist, depending on your email client (outlook desktop, Outlook browser, Gmail, etc.) by marking the sender email or sender’s domain ‘never block’ or always accept from. But remember that it will only secure the delivery to your inbox, your colleagues may still have a problem. 

A much more efficient way to ensure that all emails are received organisation-wide, will require your IT team to add your sending credentials at server level. 

Please contact the customer success team for the technical details to pass on to your IT. 

 

UPDATE EXCHANGE ONLINE CONFIGURATION 

Allow Domain and IPs 

  1. Sending IP range 
    In the Exchange admin centre, protection, connection filter (may be under default), edit, connection filtering, add to the Allowed IP Address the following IP range: 
     

IP Range 

  • 2.58.4.0/22 

  • 154.46.89.0/24 

or if Exchange Online does not enable /22 CIDR, use these: 

  • 2.58.4.0/24 

  • 2.58.5.0/24 

  • 2.58.6.0/24 

  • 2.58.7.0/24  

 

  1. Sending Domains and support domains 
    In the Exchange admin centre, protection, spam filter, edit the active policy, allow lists, Domain allow lists, + , add domains: 
    comms.yourorganisation.gov.uk 
    e-shot.net 
    forfront.com 

 

Also recommend by NCSC (Optional) 

Enforce TLS v1.2 (for security communication and support)

In Exchange admin centre, Mail flow, Connectors, add a connector. 

  1. Use of connector to include: 
    e-shot.net 
    forfront.com 

  1. Apply the security restriction to Always use TLS to secure the connection when issued by a trusted CA