Whitelisting simulated phishing in Office 365

Last updated: 22 May 2023

This guide shows administrators how to allow simulated phishing from Secure Practice.

You need a security administrator role in Office 365 to be able to complete this guide.

In the main menu (left navigation), find «Policies & Rules».

  • Click the «Threat policies» link in the list that comes up, to reveal the following:

Here, click on «Advanced delivery» to manage overrides for special system use cases.

  • On the next page, click the «Phishing simulations» tab in the horizontal navigation:

This is where Microsoft allows us to configure the rules we need.

  • Click the blue «Add» button (see above) to configure this for the first time.
  • Alternatively, click the «Edit» button (pencil icon, see below) if a policy already exists.

In the «Domain» field, insert the following:

  • smtp.sendfiend.com

In the «Sending IP» field, insert the following:

  • 45.154.232.29
  • 207.154.247.120

The last field, «Simulation URLs to allow», is optional, but we recommend including the URLs for the domain names you are going to use for landing pages in your phishing simulations. Please note that you can add up to 30 domains here. We recommend that you begin with the IP address (and primary DNS alias) used by our phishing websites:

  • 45.154.232.28
  • www.sendfiend.com

You may continue to add domains to be used with the phishing simulator, from the list below:


(Web domains in the first column above were the only ones used up to December 2022.)

Failing to add a domain in this step will not prevent emails from being delivered to recipients. However, with Microsoft Defender for Office 365, links may be blocked by Outlook whenever users click on them, even if rewrite rules are disabled.

For organizations using Defender for Office 365, you may also need to whitelist links from rewriting with Safe Links, so that they are not blocked during the redirect in people's browsers either.
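
The portal steps above can also be scripted and then reviewed from PowerShell. This is an added example, not part of Secure Practice's guide: it assumes the ExchangeOnlineManagement module with Microsoft's advanced delivery cmdlets (older module versions named the rule cmdlets `*-PhishSimOverrideRule`), uses `admin@example.com` as a placeholder account, and takes the domain, IP and URL values from this page.

```powershell
# Added example. Requires the ExchangeOnlineManagement module and a security administrator account.
# admin@example.com is a placeholder; every other value is one listed in this guide.
$Upn        = 'admin@example.com'
$Domains    = @('smtp.sendfiend.com')                    # «Domain» field
$SendingIps = @('45.154.232.29', '207.154.247.120')      # «Sending IP» field
$SimUrls    = @('45.154.232.28', 'www.sendfiend.com')    # «Simulation URLs to allow» field

# The override policy and its rule are managed in Security & Compliance PowerShell.
Connect-IPPSSession -UserPrincipalName $Upn

if (-not (Get-PhishSimOverridePolicy -ErrorAction SilentlyContinue)) {
    New-PhishSimOverridePolicy -Name PhishSimOverridePolicy | Out-Null
}

$rule = Get-ExoPhishSimOverrideRule -ErrorAction SilentlyContinue | Select-Object -First 1
if ($rule) {
    # A rule already exists (the «Edit» case): add only the entries that are missing.
    # Plain string comparison; assumes values are returned in the form they were entered.
    $newDomains = @($Domains    | Where-Object { $_ -notin $rule.Domains })
    $newIps     = @($SendingIps | Where-Object { $_ -notin $rule.SenderIpRanges })
    if ($newDomains) { Set-ExoPhishSimOverrideRule -Identity $rule.Name -AddDomains $newDomains }
    if ($newIps)     { Set-ExoPhishSimOverrideRule -Identity $rule.Name -AddSenderIpRanges $newIps }
} else {
    # No rule yet (the «Add» case).
    New-ExoPhishSimOverrideRule -Policy PhishSimOverridePolicy `
        -Domains $Domains -SenderIpRanges $SendingIps | Out-Null
}

# Simulation URLs are stored as Tenant Allow/Block List entries in Exchange Online PowerShell.
Connect-ExchangeOnline -UserPrincipalName $Upn
$existing = @(Get-TenantAllowBlockListItems -ListType Url -ListSubType AdvancedDelivery).Value
$missing  = @($SimUrls | Where-Object { $_ -notin $existing })

# This guide notes a limit of 30 entries; stop before a partial update.
if (($existing.Count + $missing.Count) -gt 30) {
    throw "Simulation URL list would hold $($existing.Count + $missing.Count) entries (limit 30)."
}
if ($missing) {
    New-TenantAllowBlockListItems -Allow -ListType Url -ListSubType AdvancedDelivery `
        -Entries $missing -NoExpiration | Out-Null
}

# Review: the override should contain exactly the vendor's sender values and URLs, nothing broader.
Get-ExoPhishSimOverrideRule | Format-List Name, Domains, SenderIpRanges
Get-TenantAllowBlockListItems -ListType Url -ListSubType AdvancedDelivery | Format-Table Value, Action
```

Because these entries bypass filtering, rerun the last two commands whenever the simulation setup changes and remove any entry that is no longer in use.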

Using other email and security systems in your organization?
Please review our simulated phishing overview and ensure you bypass other filters, too.

  • Need any assistance to get this working? Please contact support for help!