Configuring Office 365 for Secure Schools Phishing Simulations

To ensure that Secure Schools Phishing Simulations are successful and safe, your email environment must be configured to recognise the emails as trusted phishing simulations.

Without completing this step, the phishing simulation emails will likely be held in the Office 365 Quarantine and must be manually released. At the same time, it's also important not to undermine Office 365's inbuilt security features, which could allow an attacker to spoof the domain names used by our phishing simulator.

The objectives of this guide are as follows:

  • Ensure that Exchange Online Protection and Microsoft Defender take no action for Secure Schools Phishing Simulations

  • Ensure that Zero-hour Purge takes no action for Secure Schools Phishing Simulations

  • Safe Links and Safe Attachments features do not "fire" the attachments or links in phishing simulation emails and, therefore, reduce the likelihood of a false positive

  • Keep SPF, DKIM and DMARC controls in place

  • Keep malware controls in place

With the above in mind, we have prepared step-by-step instructions for allowing Secure Schools Phishing Simulation emails through the Office 365 filters while maintaining SPF, DKIM and DMARC controls. The instructions are adapted from Microsoft's guide for configuring the delivery of third-party phishing simulations.

If you have any questions or concerns about this guide, please comment here or use the help link at the top of this page. One of our team members will be happy to help.

Step 1

Log in to Microsoft 365 Defender with an account that has the Security Administrator role and is a member of the Organization Management role group. A global administrator would have these privileges by default.


Step 2

Navigate to Policies & Rules > Threat Policies > Advanced Delivery, then click on the Phishing Simulation tab.



Step 3

Click the Edit button to access the Third Party Phishing Simulations options.


Step 4

In the Third Party Phishing Simulations options pane, enter the Secure Schools' Phishing Simulator details:

Sending Domains:

  1. emaildistributionhub.co.uk

  2. notificationdistributionhub.co.uk

  3. emaildistributionhub.com

  4. notificationdistributionhub.com

  5. emaildispersalhub.co.uk

  6. emaildispersalhub.com

  7. maildispersalhub.com

  8. notificationdispersalhub.co.uk

  9. notificationdispersalhub.com

Please note that the above list is regularly updated and may include additional domains not shown in the screenshots.

Sending IP:

  • 185.250.239.80
 
There's no requirement to add Simulation URLs to allow.
 
Step 5
Click Save.

Congratulations, your school or trust's Office 365 tenancy has been configured to receive phishing simulation emails safely!
 

 

Under most configurations, whitelisting our phishing simulation platform hostnames and IP addresses will be enough to allow the simulation emails to arrive in the user’s inbox. However, under some setups, you may need to whitelist by email header to ensure the phishing simulation emails are delivered correctly. 

 

How to configure bypassing spam filtering by mail header in Microsoft 365

To bypass spam filtering by email header:

  1. Log into the Microsoft 365 Exchange Admin Centre
  2. Navigate to Mail flow and select Rules
  3. Select Add a rule, then select either Bypass spam filtering if it already exists or select Create a new rule if it doesn't
  4. For a new rule, enter a suitable rule name
  5. From the Apply this rule if option, select The message headers…
  6. In this same section, select includes any of these words
  7. Under the Apply this rule if section, click Enter text to specify the header name:
    X-PHISHTEST
  8. Select Save
  9. Select Enter words and enter SecureSchools
  10. Select Add and then Save
  11. Under the Do the following section, make sure the options are set to:
    1. Modify the message properties
    2. Set the spam confidence level (SCL)
    3. The spam confidence level (SCL) is set to -1
  12. In the same section, add a second action by clicking the + icon to the right of the drop-down menu.
  13. In the And section, select Modify the message properties
  14. In the same section, select Set a message header
  15. Click the left-hand Enter text option and enter X-MS-Exchange-Organization-BypassClutter.
  16. Select Save
  17. Select Enter text and enter true
  18. Review all settings and click Next.
  19. Set the Rule mode to Enforce and then click Next
  20. Review all settings and select Finish
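
The rule built in the steps above can also be created and reviewed from Exchange Online PowerShell. This is an added example, not part of the original guide or Secure Schools' own tooling. The rule name and admin account are placeholders, and the commented-out SenderIpRanges condition is an optional extra that the steps above do not include.

```powershell
# Added example: creates the header-based bypass rule described in the steps above.
# Requires the ExchangeOnlineManagement module and an Exchange administrator account.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName 'admin@example.org'   # placeholder account

$ruleName = 'Secure Schools phishing simulation bypass'         # assumed rule name

$ruleParams = @{
    Name                        = $ruleName
    # Condition: header X-PHISHTEST includes the word SecureSchools
    HeaderContainsMessageHeader = 'X-PHISHTEST'
    HeaderContainsWords         = 'SecureSchools'
    # First action: set the spam confidence level (SCL) to -1
    SetSCL                      = -1
    # Second action: set X-MS-Exchange-Organization-BypassClutter to true
    SetHeaderName               = 'X-MS-Exchange-Organization-BypassClutter'
    SetHeaderValue              = 'true'
    # Rule mode
    Mode                        = 'Enforce'
    # Optional extra, NOT one of the steps above: the X-PHISHTEST header is set
    # by the sending server, so this condition limits the bypass to the sending
    # IP listed in this guide. Leave it commented out if mail reaches Exchange
    # Online through another gateway, because the connecting IP will differ.
    # SenderIpRanges            = '185.250.239.80'
}

# Update the rule if it already exists, otherwise create it.
$existing = Get-TransportRule | Where-Object { $_.Name -eq $ruleName }
if ($existing) {
    Set-TransportRule -Identity $existing.Identity @ruleParams
} else {
    New-TransportRule @ruleParams
}

# Review what was saved before relying on it.
Get-TransportRule -Identity $ruleName |
    Format-List Name, State, Mode, HeaderContainsMessageHeader,
                HeaderContainsWords, SenderIpRanges, SetSCL,
                SetHeaderName, SetHeaderValue

Disconnect-ExchangeOnline -Confirm:$false
```

Running `Get-TransportRule` again after any later change in the admin centre shows whether the rule still matches only the X-PHISHTEST header and the SecureSchools value.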