This description is based on the status of the Microsoft 365 Portal in June 2023. Changes to the user interface on the part of Microsoft are possible at any time and must be taken into account accordingly in the implementation.
All information without warranty.
Configure Microsoft 365 Defender for Phishing Simulation
Last adaption: 06.2023
This article refers to a Beta version
Whitelisting
To ensure that the simulated phishing emails of the Awareness PLUS training are not blocked by the Microsoft mail server or Microsoft Defender, whitelisting must be configured at various points.
Advanced delivery for phishing simulations for Microsoft 365 Defender
Fig.1
Log in to the MS365 portal at https://login.microsoftonline.com
Fig.2
Menu Security
Fig.3
Menu Policies and rules
Fig.4
Menu Threat policies
Fig.5
Menu Advanced delivery
Fig.6
Click on Phishing-Simulation and then on Edit to add entries.
Fig.7
Enter the domain of the technical sender here (the entire part following the "@" of the email address, e.g. admin@ttt-point.de → ttt-point.de).
Enter the IPv4 addresses (Listing of all used addresses).
Enter the IPv4 addresses (Listing of all used addresses).
Enter the Simulations-URLs used in the phishing links into the field. The format for entering the URLs is "anyideas.de".