This description is based on the status of the Microsoft 365 Portal in June 2023. Changes to the user interface on the part of Microsoft are possible at any time and must be taken into account accordingly in the implementation.
All information without warranty.
Configuration of Whitelisting for Awareness PLUS in Microsoft 365 (former: Office365)
Last adaption: 10.2023
New:
- Add displayed sender if necessary (Fig.11)
This article refers to a Beta version
Whitelisting
To ensure that the simulated phishing emails of the Awareness PLUS training are not blocked by the Microsoft mail server or Microsoft Defender, whitelisting must be configured at various points.
If the whitelisting based on the IP addresses in a system setup is not sufficient for all simulated phishing mails to reach the recipients, it is also possible to add the technical sender addresses to the whitelisting (also to be found in the manager, directly under the IPs).
Setting up technical senders
Fig.1
Log in to the MS365 portal at https://login.microsoftonline.com
Fig.2
Menu Security
Fig.3
Menu Guidelines and rules
Fig.4
Menu Threat policies
Fig.6
Menu Anti-spam
Fig.7
Click on the entry Antispam Setup Line (Default)
Fig.8
In the pop-up window, click on Edit allowed and blocked senders and domains
Fig.9
Under Sender(x) click on Manage x senders
Fig.10
Click on Add senders in the Manage Allowed Senders window
Fig.11
Enter the e-mail address of the technical sender from the section Whitelisting phishing simulation.
Click on to save the entries.If the mails still end up in the quarantine, the displayed sender (e.g. sender@anyideas.de) must be entered in addition to the technical sender. </li
Click on to save the entries.