How to whitelist your E-Mail IP Address in Exchange 2013, 2016, or Office 365

How to Whitelist your E-Mail IP Address in Exchange 2013, 2016, or Office 365

This document will cover how to whitelist our simulated phishing email servers in your Exchange 2013, 2016, or Office 365 environment (the process is the same for each of those three mail servers).

The goal is to allow us to send simulated phishing emails to bypass your Microsoft Exchange Online Protection (EOP) mail filter. This set-up will allow only simulated phishing emails from us to bypass this filter.

First, you'll want to set up an IP Allow List which includes our three IP addresses. Next, you will set up a mail flow rule to allow incoming mail to bypass both the Clutter folder, as well as Microsoft's EOP spam filter. You must complete BOTH sections to whitelist successfully.

Once your settings are in place, it may take some time for those settings to propagate. We recommend that you wait 1-2 hours and then set up a phishing campaign to yourself or a small group to test out your new whitelisting rules.

The instructions for setting up these rules are shown below (the below instructions show screenshots for Office 365).

SECTION 1) SET UP IP ALLOW LIST
SECTION 2) BYPASS CLUTTER FOLDER and SPAM FILTER

 

SECTION 1: SET UP YOUR IP ALLOW LIST

Step 1:

Log into your mail server admin portal and go into the Admin -> Exchange area.

Step 2:

Click on Admin -> Exchange.

Step 3:

Click on Connection Filter (beneath Protection heading).

Step 4:

Click on Connection Filter, then click the Pencil icon to edit the default connection filter policy.

Step 5:

Under the IP Allow list, click the sign to add an IP address.

Step 6:

On the "Add allowed IP address" screen, add the following IP addresses:

  • 144.168.36.6
  • 144.168.36.35
  • Your Hosting IPv4 (Can be checked via Ping to Domain Name)

Step 7:

Click OK, then Save. Next, you will want to set up a mail flow rule to allow our mail to bypass spam filtering and the Clutter folder.

 

 

SECTION 2: BYPASS CLUTTER AND SPAM FILTERING

To ensure our messages will bypass your Clutter folder as well as spam filtering within Microsoft's EOP, you can follow the steps below.

Step 1:

Go to Admin -> Mail -> Mail Flow.

Step 2:

Click the (+) Create New Rule button beneath Mail Flow -> Rules.

Exchange Admin Center:

Step 3:

  • Give the rule a name, such as (Bypass Clutter & Spam Filtering by IP Address)
  • Click on "more options"
  • Add the condition "Apply this rule if...."
  • Select "The sender", then click on More Options and select "IP address is in any of these ranges or exactly matches:

New Rule Screen:

Step 4:

Specify the following sender IP addresses, then click OK:

  • 144.168.36.6
  • 144.168.36.35
  • Your Hosting IPv4 (Can be checked via Ping to Domain Name)
 

Specify Sender IP addresses:

Step 5:

  • Beneath "Do the following", click "Modify the message properties" then "Set a Message Header"

Modifying the message properties:

Step 6:

Set the message header to this value:
Set the message header "X-MS-Exchange-Organization-BypassClutter" to the value "true".

NOTE: Both "X-MS-Exchange-Organization-BypassClutter" and "true" are case sensitive.

Set the message header value:

Step 7:

Add an additional action beneath "Do the following" to "Modify the message properties". Here, click on "Set the spam confidence level (SCL) to..." and select "Bypass Spam Filtering". 

Bypass Spam Filtering

Step 8:

Click Save. An example of the completed rule is below.

 

Completed Mail Flow Rule

 

Helpful Hint: To test out your whitelisting and make sure phishing security tests will reach your end users, you can set up a phishing campaign to a small test group which includes yourself. Once the simulated phishing email reaches your inbox, you'll know you've successfully whitelisted our servers in your system.

For additional information or assistance with your whitelisting, contact CSpace Hostings support team.

- CSpace Hostings / https://cspacehostings.com

  • 0 Utilizadores acharam útil
Esta resposta foi útil?

Artigos Relacionados

How can I add a mailing list?

1. Log into cPanel and click the "Mailing List" icon under the Mail section. 2. Enter the list...

Do you support boxtrapper?

The Support for Boxtrapper has ended but we do support Spam Assasin on all our cPanel Hosting.-...

How can I check an email address disk usage/quota?

1. Log into your cPanel and click the "Email Accounts" icon under the Mail section. 2. At the...

How do I access webmail?

1. Open up your favorite web browser2. In the address bar type yourdomain.com/webmail3. Under...

How do I change the password for an email address?

1. Log into your cPanel and click "Email Accounts" under the Mail section. 2. The bottom of...