Allow List mailservers - Microsoft Office 365

Allow listing CultureAI emails in Microsoft Office 365

To Allow list emails in Microsoft Office 365, you need to undertake the following steps:
  1. Create a ‘Bypass Spam’ rule for emails arriving from &
  2. Create a 'Microsoft APT bypass' rules to bypass Safe Link and Safe Attachment processing.
  3. Create a connection filter rule to allow emails arriving from &

Step-by-step instructions provided below.

Configuring Allow Listing

Mail Flow Rules - Simulated Phishing

  1. 1. Navigate to the Office 365 Exchange Admin Centre
  2. The Exchange admin centre for your organisation is available at the following URL: 
  4. 2. Click 'Rules
  5. Rules’ can be found under the ‘mail flow’ heading:
  6. 2. Click "Create a new rule"
    image (7)
  7. You will need to fill out the new rule as the image below
    image (8)
  8. Enter a name for the rule, such as "Spam Bypass Rule"
  9. Click the "Apply this rule if" dropdowns and select "The sender" > "IP address is any of these ranges"
    Enter the IP when prompted and click add. Repeat to add, then click ‘ok’.
    image (9)
  10. Add another condition and click the dropdown box and select "Modify the message properties" > "Set the spam confidence level (SLC). Set this to -1 (safe)
  11. Add another condition, click the drop down box and select  "Set the message header to" 'X-MS-Exchange-Organization-SkipSafeLinksProcessing' and set the value to '1'.
  12. Your new rule should now look as below. Click ‘Save’ to store this rule.  
    image (8)

Mail Flow Rules - Reporting Add-in

If you are using the CultureAI reporting tool, you will need to add an additional mail flow rule to prevent the automatic processing of attachments from CultureAI. 

1. Create a new mail flow rule

This rule can be a standard rule following the same source IP setup as outlined in Step 3 above.

2. Add Microsoft ATP SafeAttachments header

Click 'Add Action' and select:

Modify the message properties > Set a message header


Set the message header to 'X-MS-Exchange-Organization-SkipSafeAttachmentProcessing' and value to '1'.

3. Check and save

Your new rule should now look as below. Click ‘Save’ to store this rule.  


Connection Filter Rules

1. Open the Office 365 Security and Compliance site

The security and compliance platform can be accessed from the following URL:

Under threat management select "Policy":


Under policy select "Anti-spam":


2. Edit the "Connection filter policy"


Select "Edit" under the IP Allow List:


Add both and to the ‘Allowed IP Address’ list. Click ‘Save’ to save the settings.