Users are more likely to engage with content from a sender they know. Consider using your own domain or subdomain in your Security Awareness Training campaigns to make them appear more familiar to your users.
The following sections describe why you might want to use your domain or subdomain for various uses within Security Awareness Training, along with the required steps:
- Using your Own Domain for Sending Emails
- Using Your Own Domain for Both Landing Pages and Sending Emails
- Using Your Own Subdomain for Both Landing Pages and Sending Emails
- Using Your Own Domain for Links within Training Invitation Emails (Customer Awareness Domain)
For related information, refer to Choosing How to Send Training Invitations.
Using your Own Domain for Sending Emails
You might choose to send emails from a valid email account on a corporate email server to:
Send training invitations from a valid internal account so your users can confidently click on the training without thinking it is a phishing attack.
- Send out information security announcements and use Security Awareness Training to track which users interacted with your message.
- Simulate a phishing attack from a "compromised" internal account.
To enable Security Awareness Training to send emails from your domain:
- Add the following to your DNS SPF TXT record:
ip4:64.132.201.93/32 ip4:74.203.211.13/32 ip4:207.67.44.189/32 ip4:3.145.232.16/28 - Add the following DKIM DNS node/host name to your domain:
pl33487c._domainkey. Under the new
pl33487c._domainkey node/host nameyou just created, add the following TXT record:
Tip: This information must be on a single line. To copy the text below, click Copy. Or triple-click on the text to select the entire content, then copy it.v=DKIM1; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDgQnwg9wDdMBi74t+PGuUEb3DK6Rl5M0z/BFM49LBSFa7akWHYXoDBMEzkH4cL+WcpuOuJSQIuX7cITMpLqthyPpIWyufj/q0WpqYxTHR5vmDqeOlTO+c3LN6Ug0sRpxH3cvRAM80x/NFJ8H+66NZLSn874dkQSoc6ACkl98CkwIDAQAB- Add the following DMARC DNS node/host name to your domain:
_dmarc. - Under the new
_dmarc node/host nameyou just created, add the following TXT record:
v=DMARC1;p-none; - Contact Barracuda Support. Provide your domain name and request that they add it to Security Awareness Training as a customer-specific, email-only domain.
Using Your Own Domain for Both Landing Pages and Sending Emails
In addition to the reasons described above for sending emails with your own domain, you might want to use your own domain for landing pages to:
- Encourage users to confidently engage with training information on your organization's web page.
- Simulate an attack that has compromised a web application in your organization.
You can also use one or more subdomains of your own domains (subdomain.example.com) for the same reasons. See the following section for information.
To use your own registered domain exclusively with Security Awareness Training for use both:
- as a landing page hostname, and
- in the from address for sending campaign emails:
- Point your nameservers to:
ns-1947.awsdns-51.co.ukns-293.awsdns-36.comns-1418.awsdns-49.orgns-789.awsdns-34.net
If you are not able to specify all 4 of the nameservers, just choose the top 1 or 2.
- Contact Barracuda Support and provide the following information:
- your domain(s) you want to use
- Security Awareness Training instance(s) that require the domains
- email accounts (for example,
GoodActor@example.com)
Barracuda Support will set up DNS for the domain(s) and create the associated web and email account servers. This process usually takes 1-2 days.
You do not lose control of your domain(s). You can always choose to point the nameservers elsewhere. At that point, the landing page and email servers will no longer point to Security Awareness Training. As a courtesy, please let us know when we can remove the domain from your instance.
Using Your Own Subdomain for Both Landing Pages and Sending Emails
Your organization might use subdomains (subdomain.example.com) to organize your content and traffic. You can use one or more subdomains for both landing pages and sending emails for the reasons described in the section above.
To use your own subdomain exclusively with Security Awareness Training for use as both:
- a landing page hostname, and
- in the from address for sending campaign emails:
- Delegate your subdomain(s) to the following nameservers:
ns-1947.awsdns-51.co.ukns-293.awsdns-36.comns-1418.awsdns-49.orgns-789.awsdns-34.net
If you are not able to specify all 4 of the nameservers, just choose the top 1 or 2.
- Contact Barracuda Support and provide the following information:
- your subdomain(s) you want to use
- Security Awareness Training instance(s) that require the subdomains
- email accounts (for example,
GoodActor@subdomain.example.com)
Barracuda Support will set up DNS delegation for your subdomain(s) and create the associated web and email account servers. This process usually takes 1-2 days.
You do not lose control of your subdomain(s). You can always choose to delegate your subdomain(s) elsewhere. At that point, the landing page and email servers will no longer point to Security Awareness Training. As a courtesy, please let us know when we can remove the subdomain(s) from your instance.
Using Your Own Domain and Subdomain for Links within Training Invitation Emails (Customer Awareness Domain)
Training invitation emails contain links that invite users to learn about security issues for your organization. Sending training invitations from a valid internal account, called a Customer Awareness Domain, enables your users to confidently click on the training without thinking it is a phishing attack. Your users will see links like http://securityawareness.yourcompany.com... rather than https://phishline.com... in your campaign email messages.
You have two options for creating these links for your organization:
- subdomain of your existing domain
(http://securityawareness.yourcompany.com)– Preferred. This option provides the best context for your users, because it is part of the hierarchy of your organization's actual domain. - new domain (
security-awareness-yourcompany.com)– If you prefer, you can create a separate domain. Barracuda can create, register, and set up DNS for a new domain to use as a Customer Awareness Domain.
This is the same info, without bullets, if you want to downplay the 2nd option.
Setting up these links involves your creating a subdomain for your organization and is described below. Using a subdomain for your organization's actual domain, such as http://securityawareness.yourcompany.com..., provides the best context for your users. If you prefer to create a separate domain, such as security-awareness-yourcompany.com, Barracuda can create, register, and set up DNS for a new domain to use as a Customer Awareness Domain.
Note that this functionality affects all outbound campaign messages. It does not change:
- domains on training links embedded on your landing pages.
- behavior of other links in the campaign message, like unsubscribe links or links to a landing page.
To set up a Customer Awareness Domain for links within campaign emails:
In this example, the domain for your organization is yourcompany.com and the subdomain is securityawareness.
- Request that yourDNS Administrator add a subdomain, such as
securityawareness, with a CNAME that points tolp.phishline.com. Set the TTL to 60 seconds or something small to allow Security Awareness Training to redirect to other data centers without lag. To test, pingsecurityawareness.yourcompany.comand check that it resolves tolp.phishline.com. - Navigate to System > Global Settings. Under Advanced Domain, set the Customer Awareness Domain to your subdomain, in this case,
securityawareness.yourdomain.com. Click Save. - Send a test email to yourself to confirm that outbound email campaigns with training links use
http://securityawareness.yourdomain.com/...