Allow List Mail Servers
      Back to home
      1. Knowledge Base
      2. Email Phishing
      3. Allow List Mail Servers

      Allow List mailservers - Microsoft Office 365

      Allow listing CultureAI emails in Microsoft Office 365

      To Allow list emails in Microsoft Office 365, you need to undertake the following steps:
      1. Create a ‘Bypass Spam’ rule for emails arriving from 149.72.233.190 & 149.72.224.180
      2. Create a 'Microsoft APT bypass' rules to bypass Safe Link and Safe Attachment processing.
      3. Create a connection filter rule to allow emails arriving from 149.72.233.190 & 149.72.224.180.

      Step-by-step instructions provided below.

      Configuring Allow Listing

      Mail Flow Rules - Simulated Phishing

      1. 1. Navigate to the Office 365 Exchange Admin Centre
      2. The Exchange admin centre for your organisation is available at the following URL: 
      3. https://admin.exchange.microsoft.com/
      4. 2. Click 'Rules
      5. Rules’ can be found under the ‘mail flow’ heading:
        mceclip0
      6. 2. Click "Create a new rule"
        image (7)
      7. You will need to fill out the new rule as the image below
        image (8)
      8. Enter a name for the rule, such as "Spam Bypass Rule"
      9. Click the "Apply this rule if" dropdowns and select "The sender" > "IP address is any of these ranges"
        Enter the IP 149.72.233.190 when prompted and click add. Repeat to add 149.72.224.180, then click ‘ok’.
        image (9)
      10. Add another condition and click the dropdown box and select "Modify the message properties" > "Set the spam confidence level (SLC). Set this to -1 (safe)
      11. Add another condition, click the drop down box and select  "Set the message header to" 'X-MS-Exchange-Organization-SkipSafeLinksProcessing' and set the value to '1'.
      12. Your new rule should now look as below. Click ‘Save’ to store this rule.  
        image (8)

      Mail Flow Rules - Reporting Add-in

      If you are using the CultureAI reporting tool, you will need to add an additional mail flow rule to prevent the automatic processing of attachments from CultureAI. 

      1. Create a new mail flow rule

      This rule can be a standard rule following the same source IP setup as outlined in Step 3 above.

      2. Add Microsoft ATP SafeAttachments header

      Click 'Add Action' and select:

      Modify the message properties > Set a message header

      mceclip2

      Set the message header to 'X-MS-Exchange-Organization-SkipSafeAttachmentProcessing' and value to '1'.

      3. Check and save

      Your new rule should now look as below. Click ‘Save’ to store this rule.  

      mceclip1-2

      Connection Filter Rules

      1. Open the Office 365 Security and Compliance site

      The security and compliance platform can be accessed from the following URL:

      https://protection.office.com/

      Under threat management select "Policy":

      mceclip0-2

      Under policy select "Anti-spam":

      mceclip1-3

      2. Edit the "Connection filter policy"

      mceclip2-1

      Select "Edit" under the IP Allow List:

      mceclip3-1

      Add both 149.72.233.190 and 149.72.224.180 to the ‘Allowed IP Address’ list. Click ‘Save’ to save the settings.

      mceclip4-1