Email Phishing Simulation Services that Actually Work?

The futility of phishing simulation as "training" aside, an MSP friend contacted me a little while back to see how he can get it working for his SMB customers without asking their part-time sysadmins to manually allow-list phishing emails from these simulation services.

Apparently, phishing simulation emails sent by the big companies he tried - Breach Secure Now and Proofpoint - require you to allow-list their phishing email domains, otherwise they automatically get caught by the spam filters in Google …

asking back big big companies breach companies customers cybersecurity domains email email phishing emails list msp phishing phishing emails phishing simulation proofpoint services simulation smb training work working