IMPORTANT NOTICE: Since Microsoft rolled out the "Secure by Default" standard in October 2021, the required method of allowlisting has changed. To correctly allowlist in Exchange and Office 365 environments, please see our article Allowlisting via Microsoft Advanced Delivery.
To ensure the effective delivery of our simulated phishing emails, you may need to allowlist our servers, we recommend allowlisting by hostname which is covered in this article.
If you need to allowlist by Email Headers instead, see the following articles:
- Allowlist by Email Headers in Excahnge 2013, 2016, or Microsoft 365 (formerly Office 365)
- Allowlist by Email Headers in Exchange 2010
Allowlisting by Hostname in Exchange 2013, 2016 or Microsoft 365 (formerly Office 365)
When allowlisting for Microsoft 365 (formerly Office 365), we STRONGLY recommend implementing the ATP bypass steps to avoid potential false-positives in your campaigns.
- Log into the Microsoft 365 (formerly Office 365) portal and select Exchange > Admin centers.
- Select mail flow
- Click on the + (plus sign) located at the top left.
- Select Bypass spam filtering... from the drop-down menu. This will then open the new rule screen.
- Enter a name for the rule, for example, PhishingTackle.com spam filter bypass.
- Select Apply this rule if... and then choose The Sender...
- Select domain is. This will open the specify domain screen.
- Type in the hostname mail.tacklephishing.com (please note: the domain is a reverse of our usual domain name - see this article for details on our domain information) on the specify domain screen and click the + (plus sign). Next, click the OK button.
- Ensure the Do the following... fied is set to Set the spam confidence level (SCL) to... and Byspass spam filtering is set on the right.
- Scroll to the Match sender address in message option. Select Envelope from the drop-down.
- Click Save.
Should you require any further assistance, please contact our support team by clicking here.