whitelisting by ip address in exchange 2013, 2016, or
TRANSCRIPT
1
Whitelisting by IP Address in Exchange 2013, 2016, or Office 365
§ Section 1: Set up IP allow list § Section 2: Bypass Clutter Folder and Spam Filter § Section 3: Bypass Junk Folder for Office 365 mail servers
Section I: Set up IP allow list
Step 1: Log into your mail server admin portal and go into the Admin -> Exchange area.
Step 2: Click on Admin -> Exchange.
2
Step 3: Click on Connection Filter (under Protection section).
Step 4: Click on Connection Filter, then click the Pencil icon to edit the default connection filter policy.
Step 5: Under the IP Allow list, click the + sign to add the Phish Insight IP address.
3
Step 6: On the "Add allowed IP address" screen, add the Phish Insight IP addresses:
• 18.194.131.176 • 18.194.59.184 • 18.194.64.92 • 18.194.120.252 • 18.184.247.15 • 18.184.115.153
SECTION II: BYPASS CLUTTER AND SPAM FILTERING
To ensure our messages will bypass your Clutter folder as well as spam filtering within Microsoft's EOP, you can follow the steps below.
Step 1: Go to Admin -> Mail -> Mail Flow. Step 2: Click the (+) Create New Rule button beneath Mail Flow -> Rules.
4
Step 3:
§ Give the rule a name, such as (Bypass Clutter & Spam Filtering by IP Address) § Click on "More options" § Add the condition "Apply this rule if...." § Select "The sender", then click on More Options and select "IP address is in any
of these ranges or exactly matches:
5
Step 4 : Specify the following Phish Insight IP addresses, then click OK.
A. 18.194.131.176 B. 18.194.59.184 C. 18.194.64.92 D. 18.194.120.252 E. 18.184.247.15 F. 18.184.115.153
6
Step 5 : Beneath "Do the following", click "Modify the message properties" then "Set a Message Header"
7
Step 6: Set the message header to this value: Set the message header "X-MS-Exchange-Organization-BypassClutter" to the value "true". NOTE: Both "X-MS-Exchange-Organization-BypassClutter" and "true" are case sensitive.
8
Step 7: Add an additional action beneath "Do the following" to "Modify the message properties". Here, click on "Set the spam confidence level (SCL) to..." and select "Bypass Spam Filtering".
9
(You may consider scrolling down to check the time and date settings you’d like the change to take effect)
Step 8 : Click Save.
10
SECTION III : BYPASS JUNK FOLDER (O365 mail servers ONLY)
This rule will allow only simulated phishing emails from us to bypass the Junk folder to ensure that your recipients are receiving simulated phishing emails in their inboxes.
Step 1 : Go to Admin > Mail > Mail Flow.
Step 2 : Click the (+) Create New Rule button beneath Mail Flow > Rules.
Step 3:
§ Give the rule a name, such as Phish Insight - Skip Junk Filtering. § Click on more options. § Add the condition Apply this rule if..... § Select A message header > includes any of these words. § On the right side of that rule, you will see Enter text and Enter words... § Click the Enter text and type in the header X-PhishInsight and then click Enter
words ... and type in “Trend Micro Phishing simulation” then click the big + sign.;/
11
12
Step 4 : Beneath Do the following, click Modify the message properties then Set a Message Header.
13
Step 5 :
Set the message header to this value: Set the message header X-Forefront-Antispam-Report to the value SFV:SKI;.
§ Note: To learn more about this header, click here.
14
Step 6 : Add an additional action beneath "Do the following" to "Modify the message properties". Here, click on "Set the spam confidence level (SCL) to..." and select "Bypass Spam Filtering".
Step 7 : Click Save.