Skip to content

SendGrid IP Whitelisting

VIDEO TRANSCRIPT | Recorded: 2025-12-19 | Verify against current system state

Abstract

This session explains how to manage SendGrid IP whitelisting when remote users are blocked from accessing the account. Jeff demonstrates the IP Access Management screen, shows how to identify blocked access attempts, and walks through the process of adding IP addresses to the allow list. The session also covers the importance of documenting whitelisted IPs in SharePoint for audit purposes.

Key Procedures

  • SendGrid IP whitelisting is enabled by default to limit which servers can send email from the AANP account
  • When blocked from SendGrid, have someone at the physical office log in (Ethernet connection sees correct IP) or add your IP to the whitelist
  • Access IP management: Log into SendGrid → IP Access Management (may be called IP whitelist)
  • Allowed IP addresses are listed at the top of the IP Access Management screen
  • Recent access attempts appear below the allow list showing which IPs tried to access the system
  • Icon indicators: Green dot = allowed through; Different icon = blocked
  • To add a blocked IP: Find the IP in recent attempts → Click "Configure" → Click "Add to allow list"
  • Always confirm with the user that the IP address shown is actually theirs before adding
  • VPN users at home will show their personal home IP address, not the office IP
  • A laptop connected via Ethernet at the physical office can always access SendGrid (bypasses the issue)
  • Audit the IP whitelist yearly to ensure all addresses are still valid and necessary
  • Document all whitelisted IPs in the server Excel spreadsheet on SharePoint with explanation of why each was added
  • SendGrid does not support adding notes to whitelisted IPs (unlike Cloudflare), so external documentation is critical
  • If a user's home IP address changes, they will need to go through this process again

Notable Statements

  • 0:00:21 "IP whitelisting is enabled by default because this allows us to limit the servers that can actually utilize and send email from our account."
  • 0:00:42 "This is really powerful and it's really useful to ensure that we don't have spammers taking over our SendGrid account and ruining our reputation."
  • 0:00:48 "I hesitate to just disable this completely because this means then we don't have those security measures in place."
  • 0:01:11 "When you have something connected to Ethernet inside of our offices, it allows you through, it sees the correct IP address."
  • 0:02:07 "At the top are all of the allowed IP addresses. So this could use an audit every year just to make sure that the IP addresses we have in the system are accurate."
  • 0:02:38 "There are times when there are people trying to reach our system and they have an API key that are not part of our system and they are trying to get in."
  • 0:03:44 "Cloudflare allows you to do this and put a note about why you've allowed the whitelisted IP, but you can't here. So that's why I keep it in the Excel spreadsheet file."

Systems & Configurations

Systems Mentioned

  • SendGrid (email service provider)
  • SharePoint (documentation storage for server Excel spreadsheet)
  • Cloudflare (referenced for comparison - supports IP whitelist notes)
  • VPN (relevant to IP address visibility)

Specific Configurations

Item Value/Setting Timestamp Notes
IP Whitelisting Enabled by default 0:00:21 Security measure for email sending
IP Access Management SendGrid admin screen 0:02:01 Where whitelist is managed
Audit frequency Yearly 0:02:07 Review all whitelisted IPs

Credentials/Access Mentioned

  • SendGrid admin login (access via 1Password)
  • SharePoint access for server documentation Excel file
  • Office laptop for remote SendGrid access workaround

Errors & Troubleshooting

  • Issue: User blocked from SendGrid login
  • Cause: User's IP address not on the whitelist (common when working from home via VPN)
  • Resolution: Have someone at the office add their IP, or use office laptop to access SendGrid and add the IP

  • Timestamp: 0:00:00

  • Issue: User's IP address keeps getting blocked after being added

  • Cause: Home ISP changed the user's IP address
  • Resolution: Re-add the new IP address to the whitelist

  • Timestamp: 0:02:58

  • Issue: Unable to determine why an IP was whitelisted

  • Cause: SendGrid doesn't support notes on whitelisted IPs
  • Resolution: Document all whitelist entries in the server Excel spreadsheet on SharePoint
  • Timestamp: 0:03:44

Security Considerations

Why IP Whitelisting Matters

  • Prevents unauthorized parties from using AANP's SendGrid account to send spam
  • Protects sender reputation (critical for email deliverability)
  • Blocks API key abuse from unknown servers
  • Recent attempts log shows attempted unauthorized access

Best Practices

  • Never disable IP whitelisting entirely
  • Verify IP ownership with user before adding to whitelist
  • Document all additions with justification
  • Conduct yearly audits of whitelist entries
  • Remove IPs for former employees or unused services

Transcript Gaps & Quality Notes

  • Recording from live knowledge transfer session
  • Duration: ~4 minutes
  • Presenter: Jeff Sikes
  • Some speaker attribution variations in transcript (Speaker 2 appears briefly)
  • References to SharePoint server spreadsheet that viewer cannot access during video
  • Audio quality: Good