Environment: Microsoft 365 EAC and Exchange Allow listing EOP
Summary: This article goes over Microsoft 365 (EAC) and Exchange Allow List (EOP) settings
Microsoft Office 365 users please complete Step 1.
Exchange on-premises (EOP) please complete Step 2.
Step 1: Add SAT IPs to Your IP Allow List in EAC
Let’s begin by adding the Security Awareness Training (SAT) IP addresses (training and phishing simulator) to your Exchange/Microsoft 365 Exchange Admin Center’s allowed list.
(If you are using Exchange 2010, 2013, 2016 and 2019, you can also set up an IP allow list using a command line. See instructions from Microsoft here: Add-IPAllowListEntry.)
Here’s what you need to do:
Log into Microsofts Exchange Admin Center via https://admin.exchange.microsoft.com/
In the Menu on the left Scroll down to Mail Flow and select Rules
Select the + Button then click Bypass Spam filtering...
Name the rule “SAT Allowlist”
Under *Apply this rule if... select Sender’s IP address is in the range or exactly matches
Add the following IP addresses then click OK
18.104.22.168 (Phishing Server)
22.214.171.124 (Training Server)
7. In the Rule window scroll down to Priority: Set the value to 0
8. Under Audit this rule with severity level: select High
9. Check the box next to Stop processing more rules
10. Click Save when finished
Step 2: Exchange On-Premises (EOP)
- Start Windows PowerShell
- Due to multiple variations of PS and Operating systems please use Microsofts Guide on how to Start PowerShell in multiple environments.
Starting Windows PowerShell - PowerShell2. Add the following SAT IP addresses
- 126.96.36.199 (Phishing Server)
- 188.8.131.52 (Training Server)
- Add-IPAllowListEntry -IPAddress 184.108.40.206
- Add-IPAllowListEntry -IPAddress 220.127.116.11
If you want to learn more about this Syntax please refer to the following Microsoft Guide
If you are not receiving SAT notification emails, or if they are ending up in your learners’ spam, clutter, or junk folders, you can attempt the following troubleshooting suggestions:
- Check if your organization uses an additional email protection service (Barracuda, Mimecast, etc.) to filter emails.
- If you experience any issues delivering phishing campaign emails, Please use our Advanced Office 365 Defender Allowlisting Guide
Please sign in to leave a comment.