Microsoft 365 Whitelist

In this article, we explain the process of domain whitelisting. If your organisation operates under the restrictions and security policies of Microsoft Office 365, you will need to follow the guidelines provided down below. In this way, you will be able to execute “testing” phishing campaigns towards your personnel, but also send out Student Notifications regarding their training.

1. Login to your Microsoft 365 admin profile and navigate to your apps. Select the Admin option:

2. Click on Show all to expand:

3. Navigate to the admin center using the Security option:

4. As From the menu, click on the Email & collaboration

5. Go to Policies & rules so you can start setting up your whitelist rules:

6. From Policies & rules click on Threat policies :

7. Click on Advanced delivery:

8. Click on Phishing simulation:

9. Click on edit:

10. Set the domain(s) you would like to Whitelist :

11. Set the domain(s) you would like to Whitelist from simulation URLs to allow :

12. Finally, click on Save to apply the changes:

Failing to do so will result in emails arriving at the spam/junk folders of target users’ inboxes! Click here to learn more about Training Campaigns or here to dive deeper into Email Campaigns!

Last updated 3 months ago