Skip to content
  • There are no suggestions because the search field is empty.

Allow EasyLlama Emails for Phishing Simulator in Google Workspace [Recommended]

To be sure you are set-up for success with our Phishing Simulator, we will require you to allowlist our messaging. Otherwise, Gmail can block our simulated phishing attempts so you will not get any emails sent out! This article outlines the DMI method.

 

Before You Start

What You'll Need

  • Google Super Admin privileges (required for Domain-Wide Delegation)

  • All learner emails must be in the same Google Workspace

  • Administrative access to your EasyLlama dashboard

  • Access to Google Workspace Admin Console (admin.google.com)

Important Notes

DMI vs. SMTP: This guide covers Domain-Wide Delegation (DMI) , which works when all emails are in the same Google Workspace. If your organization has multiple Google Workspaces, you must use the SMTP method instead.

Quick Reference

  • Purpose: Enable Phishing Simulator emails through Google Workspace

  • Scope needed: https://www.googleapis.com/auth/gmail.insert

  • Test method: Send test email from EasyLlama dashboard

  • Disconnect: Remove from both EasyLlama and Google Workspace

Set Up Google DMI

⚠️ Prerequisite: You must be a Google Super Admin to complete these steps.

 

  1. In the EasyLlama Dashboard, go to Settings > Integrations

  2. Find Google DMI. Select Connect. Copy the Client ID

  3. Open a new tab and navigate to admin.google.com

  4. In the Google Workspace Admin console, select the Security > Access and data control section.

  5. Select the “API Controls” section.

API Controls section

 

6. Scroll down to the Domain wide delegation section, and click the "Manage Domain Wide Delegation" button.

Domain wide delegation

 

7. Click the "Add new" button.

Add new

 

8. In the Client ID field, paste the Client ID copied in step 2. 

9. In the OAuth Scopes field, enter the value: https://www.googleapis.com/auth/gmail.insert

10. Click the "Authorize" button.

11. Go back to EasyLlama > Settings > Integrations > Google DMI. Enter an email address from the Google Workspace, click Send Test Email. Confirm that an email Google DMI Test Email is received to the entered email address. 

That's it! Google DMI is set up for EasyLlama's Phishing Simulator. 

(Optional) DMI Whitelisting Guide

Although DMI reduces the need to whitelist for initial deliverability, you may have post-delivery email security tools that can still flag simulated phishing emails as spam and/or obfuscate phish email click reporting.

Sender Domains:

Here is our current list of sender domains for our phish simulation emails: 

  1. account-checker.com
  2. accountreset.cloud
  3. auth-identity.co
  4. auth-notify.tech
  5. easyllama.com
  6. login-alerts.co
  7. psm.easyllama.com
  8. reset-account.co
  9. secure-loginhub.com
  10. secureauthaccess.com
  11. verify-account.co

Troubleshooting Connection Error in Google

If you receive an error when clicking Authorize to connect DMI to Google Workspace, your client ID and scopes may be incorrect. To check your client ID and scopes, follow these steps:

  1. Navigate to admin.google.com
  2. Locate the new domain-wide delegation permissions that you created. Menu > Security > Access and data control > API controls > Manage Domain Wide Delegation.
  3. Click View Details.
  4. Ensure that every scope is listed, there are no duplicate scopes, and that the client ID is correct.
  5. If a scope is missing or contains an error, click Edit, enter the missing scope, and click Authorize to apply the changes.

Disconnect a DMI Connection

When disabling DMI, we recommend removing the connection in the EasyLlama Dashboard and also your mail client account.

To disconnect DMI in the EasyLlama Dashboard, follow these steps:

  1. Log in to your EasyLlama Dashboard.

  2. In the EasyLlama Dashboard, go to Settings > Integration > Google DMI

  3. Click the 3 dot menu > Remove

To disconnect DMI in Google Workspace, follow these steps: 

  1. Navigate to admin.google.com
  2. Locate the new domain-wide delegation permissions that you created. Menu > Security > Access and data control > API controls > Manage Domain Wide Delegation.
  3. Click View Details.

Helpful Tips

Only use DMI with a Google Workspace
DMI only works with a single Google Workspace. For multiple workspaces, use the SMTP method.

Be sure to enter the scope exactly to avoid authorization failure
The scope must be entered exactly as https://www.googleapis.com/auth/gmail.insert. Extra spaces or typos will cause authorization failure.

Send a test email after setup
Always send a test email to confirm the configuration works before launching phishing campaigns.

When disconnecting DMI, remove from both EasyLlama and Google Workspace
When discontinuing DMI, remove from both EasyLlama and Google Workspace to fully revoke access.

Quick Questions

What if my organization has multiple Google Workspaces?
Use the SMTP method instead of DMI. DMI requires all emails to be in the same workspace.

Do I need to whitelist domains even with DMI?
While DMI helps with initial delivery, post-delivery security tools may still filter emails. Whitelisting the sender domains is recommended for best results.

How do I know if DMI is working correctly?
The test email is the best indicator. If you receive the "Google DMI Test Email," your setup is working.

Can I use DMI for other EasyLlama emails?
This setup specifically enables Phishing Simulator emails through Google Workspace.

Llama Fact: Llamas are known for their reliable communication within the herd—similar to how DMI ensures reliable email delivery for your phishing simulations!