Jump to:navigation, search

Whitelisting Exchange

From Securepoint Wiki

Note
This description is based on the status of the Microsoft 365 Portal in June 2023. Changes to the user interface on the part of Microsoft are possible at any time and must be taken into account accordingly in the implementation.
All information without warranty.

Configuration of Exchange Online Protection (EOP) Spam and Clutter Filters

Last adaption: 06.2023

notempty

This article refers to a Beta version

Whitelisting

To ensure that the simulated phishing emails of the Awareness PLUS training are not blocked by the Microsoft mail server or Microsoft Defender, whitelisting must be configured at various points.

Bypass spam and clutter filters in exchange

Fig.1

Log in to the MS365 portal at https://login.microsoftonline.com

Fig.2

Menu Security

Fig.3

Menu Exchange message-trace

Fig.4

Expand menu Mail flow and select submenu rules

Fig.5

Click on the Add a rule button
Select Create a new rule from the drop-down menu

Fig.6

Assign a unique name for the rule (here: Avoid spam and clutter filters

In the drop-down menu Apply this rule when..., select the entry

In the drop-down menu, select the entry

Click on Enter words

Fig.7

Enter the IP adress(es) from the section Whitelisting phishing simulation and confirm with OK. In the figure are example IPs that are not used!

Fig.8

In the drop-down menu Proceed as follows: select the entry

then select in the next menu

Fig.9

Enter the following values

Message-header (1): X-MS-Exchange-Organization-BypassClutter

Value (2): true

Fig.10

Click for Proceed as follows

Select the entry in the drop-down menu

Select the entry in the submenu

Fig.11

Select the option

Close the window with Save

Fig.12

Click on Next

The bypassing of the spam and cutter filter is thus completed

Retrieved from "https://wiki.securepoint.de/index.php?title=AWP/Whitelisting-Exchange&oldid=86269"

English