
[PowerShell] How do I whitelist in Microsoft Exchange and Microsoft Defender?

Written by Karthek S
Updated this week

To ensure seamless delivery of Right-Hand’s cybersecurity training and phishing simulation emails, we now provide a fully automated PowerShell script that configures your Microsoft 365 environment.

Once downloaded and executed, the script ensures our emails bypass spam filtering, clutter filtering, Safe Links, and Safe Attachments processing, helping prevent delivery issues and reducing setup time, while preserving existing policies to avoid conflicts.

Requirements

  • Operating System: Windows (Professional or Server editions)

  • Tool: PowerShell (must be run as Administrator)

  • Credentials: A valid Office 365 account

  • Authorization: Access to Exchange Online

Roles required to run the script:

  • Global Administrator

  • Compliance Management

  • Security Administrator

Note: The Office 365 user executing this script should hold the “Global Administrator” role or one of the other roles listed above.

Note: Select any one of the methods below.

IP-Based Microsoft Exchange and Microsoft Defender Whitelisting

How to Use the PowerShell Script

  • Extract the Script

    • Download the provided file: Final_IP_Whitelisting.ps1

    • Choose a location you can easily find later (for example: D:\Final_IP_Whitelisting.ps1\)

  • Open PowerShell as an Administrator

    • Click the Start menu and type PowerShell in the search bar.

    • Right-click Windows PowerShell, then choose Run as Administrator.

    • In the PowerShell window, navigate to the folder where you extracted the script. For example:

    cd 'D:\Final_IP_Whitelisting.ps1\'

  • Run the commands below separately first to set the PowerShell execution policy to RemoteSigned for the current user and for the local machine.

    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine

  • Execute the Script

    • In the PowerShell window (with Administrator rights), run the script:

    .\Final_IP_Whitelisting.ps1
  • Authentication

    • When you run the script, you’ll be prompted to sign in with your Office 365 credentials.

    • If your account uses Multi-Factor Authentication (MFA), you’ll also need to complete an extra verification step, such as:

    • Entering a 6-digit code from the Microsoft Authenticator app

    • Approving a text message or mobile notification sent to your registered device.

  • Script Execution Time

    • The script usually completes within 3 to 4 minutes, depending on the number of domains being processed.

    • When the script runs successfully, you'll see confirmation messages displayed in the PowerShell window.

Conclusion

This PowerShell script streamlines whitelisting Right-Hand IPs and domains in Microsoft Exchange and Defender.

✅ Use the correct Office 365 credentials when prompted.

✅ Verify the updated allow policy in the Microsoft Exchange admin center or Microsoft 365 Security Center after running the script.


Custom-Header Based Microsoft Exchange and Microsoft Defender Whitelisting

How to Use the PowerShell Script

  • Extract the Script

    • Download the provided file: Final_Header_Whitelisting.ps1

    • Choose a location you can easily find later (for example: D:\Final_Header_Whitelisting.ps1\)

  • Open PowerShell as an Administrator

    • Click the Start menu and type PowerShell in the search bar.

    • Right-click Windows PowerShell, then choose Run as Administrator.

    • In the PowerShell window, navigate to the folder where you extracted the script. For example:

    cd 'D:\Final_Header_Whitelisting.ps1\'

  • Run the commands below separately first to set the PowerShell execution policy to RemoteSigned for the current user and for the local machine.

    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine
  • Execute the Script

    • In the PowerShell window (with Administrator rights), run the script:

    .\Final_Header_Whitelisting.ps1
  • Authentication

    • When you run the script, you’ll be prompted to sign in with your Office 365 credentials.

    • If your account uses Multi-Factor Authentication (MFA), you’ll also need to complete an extra verification step, such as:

    • Entering a 6-digit code from the Microsoft Authenticator app

    • Approving a text message or mobile notification sent to your registered device

  • Script Execution Time

    • The script usually completes within 3 to 4 minutes, depending on the number of domains being processed.

    • When the script runs successfully, you'll see confirmation messages displayed in the PowerShell window.
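
Both procedures above run a downloaded script with administrator rights, so it is worth reviewing the file without executing it first. The following is an added example, not part of the article's download: it uses the two file names given in this article, and the lists of verbs and commands it flags are illustrative choices.

```powershell
# Added example, not part of the vendor's script. Run from the folder that holds the
# downloaded file, before changing the execution policy or executing anything.
function Get-ScriptReview {
    param([Parameter(Mandatory)][string]$Path)

    $full = (Resolve-Path -LiteralPath $Path).Path

    # Parse without executing, then collect every command name the script calls.
    $tokens = $null; $errors = $null
    $ast = [System.Management.Automation.Language.Parser]::ParseFile($full, [ref]$tokens, [ref]$errors)
    $names = $ast.FindAll({ param($n) $n -is [System.Management.Automation.Language.CommandAst] }, $true) |
        ForEach-Object { $_.GetCommandName() } | Where-Object { $_ } | Sort-Object -Unique

    # Mark of the Web: present when the file was downloaded and not yet unblocked.
    $zone = Get-Content -LiteralPath $full -Stream Zone.Identifier -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Path            = $full
        SHA256          = (Get-FileHash -LiteralPath $full -Algorithm SHA256).Hash
        SignatureStatus = (Get-AuthenticodeSignature -LiteralPath $full).Status
        MarkOfTheWeb    = [bool]$zone
        ParseErrors     = $errors.Count
        # Cmdlets that change tenant or local configuration; read each call site.
        ChangesState    = $names | Where-Object { $_ -match '^(New|Set|Remove|Enable|Disable|Add)-' }
        # Constructs that run or fetch code the parser cannot see into.
        NeedsCloseLook  = $names | Where-Object { $_ -match '^(Invoke-Expression|iex|Invoke-WebRequest|Invoke-RestMethod|Start-Process)$' }
        AllCommands     = $names
    }
}

# Record the current policy per scope so it can be restored after the run.
Get-ExecutionPolicy -List | Format-Table -AutoSize

# File names are the ones given in this article; only those present are reviewed.
'Final_IP_Whitelisting.ps1', 'Final_Header_Whitelisting.ps1' |
    Where-Object { Test-Path -LiteralPath $_ } |
    ForEach-Object { Get-ScriptReview -Path $_ } |
    Format-List
```

The SHA256 value is only useful when compared against one obtained from the vendor through a separate channel; the article does not publish one.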

Conclusion

This PowerShell script streamlines whitelisting Right-Hand IPs and domains in Microsoft Exchange and Defender.

✅ Use the correct Office 365 credentials when prompted.

✅ Verify the updated allow policy in the Microsoft Exchange admin center or Microsoft 365 Security Center after running the script.
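
The verification step above, and the same step in the IP-based section, can also be done from PowerShell. This is an added example, not the vendor's script: the article does not say which objects the script creates, so it lists the places where such bypasses are normally configured, and `$ExpectedIps` holds placeholder addresses from a documentation range.

```powershell
# Added example: read-only check of where filter bypasses live after the script has run.
# Requires the ExchangeOnlineManagement module.
# Placeholder values; replace with the addresses the vendor gave you.
$ExpectedIps = @('192.0.2.10', '192.0.2.11')

Connect-ExchangeOnline -ShowBanner:$false

# 1. Connection filter: every address here skips spam filtering for the whole tenant.
$conn = Get-HostedConnectionFilterPolicy
$conn | Select-Object Name, EnableSafeList, IPAllowList | Format-List
$unexpected = $conn.IPAllowList | Where-Object { "$_" -notin $ExpectedIps }
if ($unexpected) {
    Write-Warning "IPAllowList entries not in the expected set: $($unexpected -join ', ')"
}

# 2. Mail flow rules that set SCL -1 or stamp a header (the usual bypass mechanisms).
$rules = Get-TransportRule | Where-Object { "$($_.SetSCL)" -eq '-1' -or $_.SetHeaderName }
$rules |
    Select-Object Name, State, Priority, SenderIpRanges, HeaderContainsMessageHeader,
                  HeaderContainsWords, SetSCL, SetHeaderName, SetHeaderValue, WhenChanged |
    Format-List

# A rule keyed on a header alone is not tied to the vendor's sending addresses,
# so flag it for review against your own policy.
$rules |
    Where-Object { $_.HeaderContainsMessageHeader -and -not $_.SenderIpRanges } |
    ForEach-Object { Write-Warning "Rule '$($_.Name)' matches on a header with no SenderIpRanges condition" }

# 3. Advanced delivery: third-party phishing simulation overrides, if any were created.
Get-ExoPhishSimOverrideRule -ErrorAction SilentlyContinue |
    Select-Object Name, Domains, SenderIpRanges | Format-List

Disconnect-ExchangeOnline -Confirm:$false
```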
