Question

Why am I unable to receive phishing campaigns when I use my own email domain in the From Email?

Answer

We allow customers to send phishing campaigns using several different Proofpoint owned domains as well as the customer's own domain name. However, it should be noted that while this is possible, there is a high likelihood that these messages will be marked as spam or rejected by your mail server completely. This is usually because our mail server is not listed in the customer records.

For example, this is the SPF record for abcsecurity.com:
 

abcsecurity.com descriptive text "v=spf1 mx a include:spf.proofpoint.com ipv4:xx.xxx.xx.xxx include:proofpoint.com ~all"

This specifies that only IP addresses with the reverse of spf.proofpoint.com and the IP address “xx.xxx.xx.xxx” are permitted to send emails using abcsecurity.com in the From: field. If an email message is sent from an IP address not listed in the SPF record with abcsecurity.com in the From: field, spam filters are very likely to mark the message as spam.

Additionally, if you use a domain name that is a misspelling of your real domain name (e.g. companyy.com vs. company.com), if there is no reverse DNS entry for companyy.com, your mail server will likely reject the email completely. We recommend that Phishing Simulation customers who wish to send campaigns using their own domains in the From: field add an SPF entry for our email servers.

Please see Safelisting Guide  for more information.

If you would like another From: domain added to your account, please log a request with the support team.