Articles on: 👍 Initial Setup

⚙️ How to allow Arsen phishing simulation by IP address Microsoft 365. (n°2)

By following this procedure, you will be able to allow our phishing simulations to bypass your protections in order to test the behavior of your employees.

The goal is for our phishing simulations to reach your employees' inboxes directly, without going through the junk mail folder, which could distort your employees' training.

Sommaire



Prerequisites
Step 1: Add Arsen's IP address to the allowed IPs list
Step 2: Configure the advanced delivery policy for third-party phishing simulations

Prerequisites



To follow this procedure, you must be the administrator of your company's Microsoft 365 account.

Step 1: Add Arsen's IP address to the allowed IPs list



Log in to your Microsoft 365 account's security center.

Go to Policies and rules > Threat Policy > Anti-spam.





Click Connection Filter Policy (default)




In Always allow messages from the following IP addresses or address range: enter the IP address 161.38.204.14.

Check Turn on safe list you should have a screen that looks like the image below:





Click Save and then click Yes on the Security and Compliance popup


Step 2: Configure the advanced delivery policy for third-party phishing simulations



In to your Microsoft 365 account's security center.

Go to Policies & rules > Threat Policies > Advanced delivery.





Click Phishing Simulation and then on Edit.



In Edit third party phishing simulations :

enter Arsen's attack domains. (use a domain like phishingemail.net to start). You need one domain at least to complete this step.



enter the IP address 161.38.204.14.



Click Save

Updated on: 23/07/2024

Was this article helpful?

Share your feedback

Cancel

Thank you!