Whitelisting simulated phishing in Office 365

This guide is intended for administrators to allow simulated phishing from Secure Practice.

You need a security administrator role in Office 365 to be able to complete this guide.

Go to https://security.microsoft.com and login with your administrator account.

In the main menu (left navigation), find «Policies & Rules».

Click the «Threat policies» link in the list that comes up, to reveal the following:

Here, click on «Advanced delivery» to manage overrides for special system use cases.

On the next page, click the «Phishing simulations» tab in the horizontal navigation:

This is where Microsoft allows us to configure the rules we need.

Click the blue «Add» button (see above) to configure this for the first time.
Alternatively, click the the «Edit» button (pencil icon, see below) if a policy already exists.

In the «Domain» field, insert the following:

smtp.sendfiend.com

In the «Sending IP» field, insert the following:

207.154.247.120
206.189.251.203

In the «Simulation URLs to allow» field, make sure you include all web domains used with the phishing simulator, including:

*.sendfiend.com/*
*.4qw.nl/*
*.telecomservic.es/*
*.sitestoragesharing.nl/*
*.mediapage.eu/*

*.webhostnet.net/*
*.nefflix.it/*
*.onebrive.com/*
*.passwordauthority.eu/*
*.passordmyndighet.no/*

This last field for simulation URLs is however optional, but is recommended to include whatever URLs for domain names you are going to use for landing pages in your phishing simulations.

In addition, you may need to complete the whitelisting in Defender for Office 365 guide.

Using other email and security systems in your organization?
Please review our simulated phishing overview and ensure you bypass other filters, too.

Need any assistance to get this working? Please contact support for help!

Guides for system admins

Whitelisting simulated phishing in Office 365

Secure Practice

Product

Resources