Team: SAT
Environment: Microsoft 365 EAC and Exchange Allow listing EOP
Summary: This article goes over Microsoft 365 (EAC) and Exchange Allow List (EOP) settings
Microsoft Office 365 users please complete Option 1.
Exchange on-premises (EOP) please complete Option 2 for Powershell configuration.
Option 1: Add SAT IPs to Your IP Allow List in EAC
Let’s begin by adding the Security Awareness Training (SAT) IP addresses (training and phishing simulator) to your Exchange/Microsoft 365 Exchange Admin Center’s allowed list.
(If you are using Exchange 2010, 2013, 2016 and 2019, you can also set up an IP allow list using a command line. See instructions from Microsoft here: Add-IPAllowListEntry.)
Here’s what you need to do:
-
Log into Microsoft Exchange Admin Center via https://admin.exchange.microsoft.com/
-
In the Menu on the left Scroll down to Mail Flow and select Rules
-
Select the + Button then click "Create a new Rule".
-
Name the rule “SAT Allowlist”.
-
Under "Apply this rule if"
-
Select "The Sender"
-
Select "IP address is in any of these ranges or exactly matches"
-
-
Add the following IP addresses then click OK
-
18.205.140.116 (Phishing Server)
-
168.245.36.66 (Training Server)
-
- Under the "Do the following" section
- Select "Modify the message properties"
- Select "Set the spam confidence level (SCL)" - Set it to "Bypass Spam Filtering"
- Select "Next"
- Select "Enforce"
- Under Severity level: select High
- Select when you want to enable the rule.
- Select the box for "Stop Processing more rules"
- Click Save when finished
14. If you do not specify a start Date and Time, you will need to select the word "Disabled" next to the rule to bring up the Enable option.
15. Toggle on the Enabled switch and wait for the confirmation message " Rule status updated successfully"Option 2: Exchange On-Premises (EOP)
- Start Windows PowerShell
- Due to multiple variations of PS and operating systems, please use the Microsoft Guide to learn how to start PowerShell in multiple environments.
Starting Windows PowerShell - PowerShell
2. Add the following SAT IP addresses- 18.205.140.116 (Phishing Server)
- 168.245.36.66 (Training Server)
PowerShell command
- Add-IPAllowListEntry -IPAddress 18.205.140.116
- Add-IPAllowListEntry -IPAddress 168.245.36.66
If you want to learn more about this syntax, please refer to the Microsoft Guide.
Add-IPAllowListEntry (ExchangePowerShell)
Troubleshooting
If you are not receiving SAT notification emails, or if they are ending up in your learners’ spam, clutter, or junk folders, you can attempt the following troubleshooting suggestions:
- Check if your organization uses an additional email protection service (Barracuda, Mimecast, etc.) to filter emails.
- If you experience any issues delivering phishing campaign emails, Please use our Advanced Office 365 Defender Allowlisting Guide