IMPORTANT NOTICE: Since Microsoft rolled out the "Secure by Default" standard in October 2021, the required method of allowlisting has changed. To correctly allowlist in Exchange and Office 365 environments, please see our article Allowlisting via Microsoft Advanced Delivery.
This article covers how to allow our simulated phishing emails to reach your recipients by allowlisting by email header in your Microsoft Exchange 2010 environment.
Allowlisting is necessary in order for us to send simulated phishing emails that will bypass your mail filter. Typically we recommend allowlisting by IP address or hostname. But depending on your system set-up, allowlisting by Email Headers may be the most suitable way to ensure phishing test emails are delivered to your recipients. Make sure you also allowlist our IP addresses in your spam filter.
We recommend setting up a test phishing campaign to yourself or a small group after you follow the below steps to ensure your allowlisting was successful.
The setting may take up to an hour to propagate to all users so wait at least an hour before testing.
Follow the below instructions for adding the rule to allowlist by email header.
- Open your Microsoft Exchange Management Console (EMC) on your Microsoft Exchange server (see the below image - your Hub Transport listing may already have rules listed depending on your installation and environment).
- Expand Organization Configuration in the left-hand menu tree, and select Hub Transport.
- Under Actions on the right-hand side, select New Transport Rule.
- Enter a name for your New Transport Rule, for example, "Bypass spam filtering by PhishingTackle.com email header", and click Next.
-
In the "Step 1:" section of the dialog window, select the "when the message header contains specific words" checkbox and complete the following steps in the "Step 2:".
a. Select message header and type in the header "X-PHISHINGTACKLE".
b. Select specific words and then enter "PhishingTackle". - Once completed, your Conditions should show as in "Step 2:", as below.
- In "Step 1:", select "set the spam confidence level to a value".
- In "Step 2:", select the number shown for the spam confidence level (SCL) and change this to to -1, then click OK and then Next>.
- There is nothing to complete on the Exceptions page so just click Next>.
- On the Create Rule page, select New to continue.
- If the Wizard successfully created your rule, the dialog box should look like the below image.
- Click Finish to continue.
- Once the dialog box closes, you should now see the new rule in the Hub Transport list, as below (you may have other rules shown depending on your environment)
If you still need assistance, please Submit a support ticket.