Here are the 2 parts of whitelisting our simulated phishing email servers on your Exchange 2013, 2016 platforms.

  1. You will need to establish a list of allowed IP’s including our IP addresses.
  2. The next step will be setting up an incoming mail rule to allow them to skip the Clutter folder and Microsoft's Exchange Online Protection spam filter.

It is important to do all of the above to make sure the whitelisting is done properly.

There are 2 mail flow rules to be set up:

  1. Bypassing spam folder by IP address,
  2. Bypassing junk folder by IP address, 

Note: after setting up all the rules, please wait up to 2 hours before testing the functionality of the phishing simulator.

We will set up the whitelisting rules with 2 steps:

  1. Setting up the allowed IP addresses list,
  2. Bypassing the Clutter and Spam Filtering by IP addresses, 

 

Setting up the allowed IP addresses list

It is possible to set this up by using a command line if you are using Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, or Exchange Server 2019.
Click here to find out more.

However, if you don’t want to use the command line, please follow the instructions below.

  1. Log in to your mail server admin portal and click Admin.
  2. Select Exchange.
  3. Go to connection filter.
  4. Move to connection filter in the protection section, then click the edit button
  5. Select connection filtering.
  6. Click the to add an IP address.
  7. In the Add allowed IP address form, add our IP addresses one at a time:
    • 109.169.81.206
    • 149.72.116.196
    • 167.89.25.230
    • 149.72.125.251
    • 168.245.58.208
      1. Finish by clicking Save.

This will make sure that our messages will be bypassed by the Clutter and Spam Filtering.

Follow these steps:

  1. Navigate to  https://admin.exchange.microsoft.com/#/ and login with your Office 365 Admin credentials.
  1. Select Mail flow-> Rules on the left hand side menu bar. 
  2. Name the rule.
  3. Select More options
  4. Add the condition Apply this rule if....
  5. Select The sender and click IP address is in any of these ranges or exactly matches.
  6. Fill in our IP addresses

•           149.72.116.196 

•           109.169.81.206

•           167.89.25.230

•           149.72.125.251

•           168.245.58.208

then confirm by clicking OK.

  1. Expand the Do the following dropdown, click Modify the message properties then Set a Message Header.
  2. Select the *Enter text... button and set the message to:

Set the message header "X-MS-Exchange-Organization-BypassClutter" to the value "true".
Note: Both commands are case-sensitive.

  1. Next under Do the following select Modify the message properties. Click Set the spam confidence level (SCL) to... and choose Bypass Spam Filtering.
  2. Finish by clicking Save.