Skip to content
Contact Us
  • There are no suggestions because the search field is empty.

Additional Configuration - Trend Micro

Safelisting Secure Schools on Trend Micro

This guide provides instructions for configuring Trend Micro security services—including Trend Vision One, Cloud App Security, and Trend Micro Email Security—to ensure that Secure Schools phishing simulations are delivered correctly and that users can access simulation links. (Sources)

If you encounter any issues with these steps, please contact your usual Trend Micro support contact. 

Overview

Trend Micro's multi-layered protection can flag simulated phishing emails as "High-Risk" or block the landing page URLs as "Malicious". To prevent this, you must configure specific bypass rules and approved sender lists using Secure Schools' IP addresses and domains.

Prerequisites

You will need the following information from the Secure Schools Domains and IP Addresses KB article, including the Sending IP Address, Infrastructure IP Address, and Primary Domains.

Configuration Steps

1. Trend Micro Email Security (IP Bypass)

If you use Trend Micro Email Security (formerly Hosted Email Security), you should enable the global phishing simulation bypass.

  1. Log on to your Trend Micro Email Security console.

  2. Navigate to Administration > Other Settings > Service Integration.

  3. Click the Phishing Simulation tab.

  4. Enable the Bypass scans for Trend Micro phishing simulations toggle.
    Note: This setting allows Trend Micro to skip scans for incoming emails from recognised simulation providers.

  5. In the Phishing Simulation Settings pop-up, click Add.

  6. Enter the Secure Schools Sending IP Address: 185.250.239.80.

  7. Click Save.

2. Trend Micro Cloud App Security (Policy Bypass)

For organisations using Cloud App Security (CAS) for Microsoft 365 or Google Workspace, you must update your ATP policies.

  1. Navigate to the Advanced Threat Protection tab and select your Exchange Online policy.

  2. Advanced Spam Protection:

    • On the left, select Advanced Spam Protection and ensure it is enabled.

    • Select the Approved/Blocked Sender List and check the Enable the approved sender list box.

    • Add the Secure Schools domains (e.g., *@secureschools.com) to the list.

  3. Web Reputation:

    • On the left, select Web Reputation and ensure it is enabled.

    • Select the Approved/Blocked URL List and check Enable the approved URL list.

    • Add all the Secure Schools landing page domains listed in the prerequisites.

  4. Click Save to apply the policy.

3. Trend Vision One (Cloud Email Gateway)

In the newer Trend Vision One console, follow these steps for the Cloud Email Gateway:

  1. Navigate to Policies > Global Settings > User-Defined Lists.

  2. Select Approved/Blocked Lists and choose Exchange Online.

  3. Under the Approved Header Field List section, check Enable the approved header field list.

  4. If your platform uses specific headers (e.g., X-PHISH), add them here; otherwise, ensure the Sender Filter includes our sending IP and domains.


Always get the most current and complete list of exact IP addresses listed in our article here: Domains and IP Addresses. Note that these lists can change over time. Using an outdated list may result in failed delivery.