M365: Whitelisting
Last updated
Was this helpful?
Last updated
Was this helpful?
It's suggested to use all the methods explained in this documentation step by step for whitelisting successfully. The customer may skip the related step if there is no feature in their O365 environment due to the license.
The below instructions will show you how to whitelist the emails such as notification, training, or phishing simulation emails that will be sent from the platform to users by whitelisting Sender IPs in the O365 environment in the Phishing Simulation feature.
Note the to be allowed.
Sign in to the Center.
Click the Policies & rules item on the left sidebar menu.
Go to Threat policies > Advanced delivery.
Click the Phishing simulations tab and click Edit.
Add the IP address to Sending IP section.
Add the Domain address (also known as the MAIL FROM address) used in the phishing campaign into the Domains section.
Add the phishing domains by using *.domain.com/* wildcard syntax to Simulation URLs to allow section.
Click Save to complete the process.
The below instructions will show you how to whitelist the emails such as notification, training, or phishing simulation emails that will be sent from the platform to users by whitelisting Sender IPs in the O365 environment in the Threat Policies feature.
Click the Connection Filter Policy and select the Edit connection filter.
Add the IP addresses to the section labeled Always allow messages from the following IP addresses or address range.
Enable the Turn on safe list option.
Click Save to complete the process.
The below instructions will show you how to whitelist the emails such as notification, training, or phishing simulation emails that will be sent from the platform to users by whitelisting the Sender IPs in the O365 environment in the Bypass Spam Filter feature.
Go to Exchange > Mail flow > Rules and click the + Add a rule button.
Select the Bypass Spam Filter option.
Enter a name for your whitelisting rule.
Scroll down to the "Apply this rule if..." section and select "The sender" and then select "IP address is in any of these ranges or exactly matches"
Scroll down to the "Do the following" section.
Select the "Modify the message properties" option and then select the "Set the spam confidence level(SCL)" option.
And then click the Set the spam confidence level (SCL) to '-1' option and select "Bypass spam filtering" and click the Save button.
Next to the "Do the following" field, click + button to create a new rule.
Select the "Modify the message properties" option and then select the "set a message header" option.
Click "Enter Words" and type "X-MS-Exchange-Organization-BypassClutter" and then click the Save button.
Next, click Enter Words under the "header value" and type "true".
We recommend leaving the rest of the rule settings the same. Once you have completed these steps, click Save to save your whitelisting rule.
Make sure the whitelisting rule's status is enabled. If it's disabled, click on it and Enable it and click the Edit Rule Settings button on the opened page to save it.
The below instructions will show you how to whitelist the emails such as notification, training, or phishing simulation emails that will be sent from the platform to users by whitelisting the Sender IPs in the O365 environment with the "SkipSafeLinksProcessing" rule.
This step is suggested to prevent scanning phishing simulation links by O365 sent by the platform.
Go to Exchange > Mail flow > Rules and click the + Add a rule button.
Click on the Create a new rule option.
Enter a name for your whitelisting rule.
Scroll down to the "Apply this rule if..." section and select "The sender" and then select "IP address is in any of these ranges or exactly matches"
Scroll down to the "Do the following" section.
Select the "Modify the message properties" option and then select the "Set a message header" option.
Set the message header to "X-MS-Exchange-Organization-SkipSafeLinksProcessing" and set the value to "1".
We recommend leaving the rest of the rule settings the same. Once you have completed these steps, click Save to save your whitelisting rule.
Make sure the whitelisting rule's status is enabled. If it's disabled, click on it and Enable it and click the Edit Rule Settings button on the opened page to save it.
The below instructions will show you how to whitelist the attached files in the emails that will be sent from the platform to users by whitelisting the Sender IPs in the O365 environment with the "SkipSafeAttachmentProcessing" rule.
This step is suggested to prevent scanning phishing simulation attachment files by O365 sent by the platform.
Go to Exchange > Mail flow > Rules and click the + Add a rule button.
Click on the Create a new rule option.
Enter a name for your whitelisting rule.
Scroll down to the "Apply this rule if..." section and select "The sender" and then select "IP address is in any of these ranges or exactly matches"
Scroll down to the "Do the following" section.
Select the "Modify the message properties" option and then select the "Set a message header" option.
Set the message header to "X-MS-Exchange-Organization-SkipSafeAttachmentProcessing" and set the value to "1".
We recommend leaving the rest of the rule settings the same. Once you have completed these steps, click Save to save your whitelisting rule.
Make sure the whitelisting rule's status is enabled. If it's disabled, click on it and Enable it and click the Edit Rule Settings button on the opened page to save it.
If the emails sent by the platform somehow is not delivered to the user's inbox, the admin can use the following steps to see why it's not delivered and find a solution for it.
Go to Exchange > Mail flow > Message Trace and click the + start a trace button.
Enter the from address to the "Senders" field which is expected to be delivered from the platform and click the Search button.
The O365 will list the emails that is delivered from the specified email address and then you can click on the emails to see more information.
The following video playlist tutorial contains information about how to whitelist in O365 environment.
Note the to be allowed.
Sign in to the Center.
Click the Policies and rules > Anti-Spam under the Policies. To go directly to the Anti-spam policies page, use
Sign in to the portal.
To the right you'll see "Enter text...", click "Enter Words" to bring up a new window labeled specify IP address ranges, and enter the IPs listed and then click the Save button.
Sign in to the portal.
To the right, you'll see "Enter text...", click "Enter Words" to bring up a new window labelled specify IP address ranges, and enter the IPs listed and then click the Save button.
Sign in to the portal.
To the right, you'll see "Enter text...", click "Enter Words" to bring up a new window labelled specify IP address ranges, and enter the IPs listed and then click the Save button.
Sign in to the portal.
✅ You have now ensured your target users will receive emails through Keepnet. Now you need to so your target users can successfully open Keepnet email links ➡️