Release Notes
      Back to home
      1. Help Center
      2. Release Notes

      November 2024: Release Notes 3.16 🦃

      November's release includes Phin's newest feature set, the Microsoft Automated Allowlisting integration (Open Beta).

      Updated IPs (Allowlisting)

      ACTION REQUIRED: Phin Security has updated its email service provider and IP addresses. This means that all Phin partners must update their allowlisted IPs for all clients by 1/6/2025 to continue sending simulated phishing emails. Failure to update allowlists will result in a failed delivery.

      If your end-users are in Outlook, ensure the following IPs are listed in Microsoft Defender > Advanced Delivery > Phishing Simulation.

      • 198.2.177.227
      • 198.244.59.179
      • 35.237.125.73
      • 198.2.178.214
      This can be done manually or using our new Automated Allowlisting solution. At this time, Automated Allowlisting is only available for Microsoft users.
      • Important Note: Automated Allowlisting should take no more than a couple of minutes per company and can be done simultaneously in new tabs (you don't have to wait for one company to finish before proceeding to the next).

      Google Workspace Users
      If your end-users are in Google, follow the steps in this Google Workspace Admin article to ensure the IPs listed above are included in your allowlist.


      3rd Party Tools       (Ex: Inky, Barracuda, Avanon, etc.)

      If you are using third-party software, you must add the IPs listed above to those platforms.


      Graph API Mail Delivery Users

      For tenants only using Graph API Mail Delivery, we strongly recommend using the automated allowlisting tool or following the manual steps in addition to enabling Graph API Mail Delivery to ensure the delivery of phishing and training emails.


      Automated Allowlisting for Microsoft

      Automated allowlisting performs all the steps for you listed in manual allowlisting with the single press of a button. Follow these instructions to enable automated allowlisting at the company level.

      Mail Flow Rule: Financial Banner

      This feature, a subset of the Microsoft Automated Allowlisting integration set, will add a banner to the top of all end-user emails that include certain keywords. Learn more here.

      MailFlowRule-Success-Screenshot-png

      Improvements to Graph API Message Sending (DMI)

      Our engineering team has been working hard behind the scenes over the past few releases to rework and overhaul our Graph API sending integration to make it easier to use and work across more tenants and deployments.

      The largest improvement has been a complete rework of how we handle sending messages via Graph. It is significantly more durable and has been updated to work across more tenant configurations and environments. Attachment sending for Graph API messages has also been tweaked to work better across configurations.

      False positive detection has also been improved and expanded. This now covers more known Microsoft filtering services that caused links to be clicked even with the integration enabled in some environments.

       

      Knowledge Base

      Phin works to update our Knowledge Base with new features with every release. You can read about the platform and its updates here: https://www.phinsec.io/knowledge.

      Thanks for using our product!

      We use all feedback to help drive Phin's development direction. Please keep reaching out and helping us shape the product's future! All ideas are welcome; please keep them coming!

      The Dev Team @ Phin

      Need help or have an idea for us? Click here!