Table of contents
Here's how to configure whitelist settings by email headers in Microsoft 365, Exchange 2016, and Exchange 2019 to ensure that your Phishing Security Tests successfully bypass spam filters and are delivered to user inboxes:
Bypass Clutter and Spam Filtering by email header
Please follow the below steps.
Sign in to your Exchange Admin Center.
Go to Mail flow, then select Rules.
βClick Add a rule and then, Create a new rule.
On the "Set rule conditions" page, assign a descriptive name to the rule, such as "Bypass Clutter and Spam Filtering by Email Header".
In the "Apply this rule if" options, choose "The message headers..." and "includes any of these words".
6. Click Enter text, then enter the custom header name that was shared by Right-Hand, and then click Save.
You can ask for the custom header, which is associated to your company tenant in cyberready from your customer success manager. Alternatively you can mail to [email protected] to get the same. The header has the following format:
X-RHS-TID-<unique hash>
β
7. Click Enter words and enter the hash value inside the header, then click Add and Save.
8. In the "Do the following" options, select "Modify the message properties" and select the "spam confidence level (SCL)."
9. In the "specify SCL" pop-up window, select "Bypass spam filtering" and then click on Save.
10. Next to the "Do the following" fields, click the plus icon.
11. In the "And" fields, choose "Modify the message properties" and select "set a message header."
12. In the initial "Enter text" field on the left, input "X-MS-Exchange-Organization-BypassClutter" and click Save.
β
13. Click the second Enter text on the right, then enter "true" and click Save.
14. Click Next.
15. When you're on the Set rule settings page, simply click "Next" to proceed. Typically, it's advised to stick with the default settings unless you have a specific reason to change them. This helps maintain consistency and ensures that the system operates smoothly.
16. On the final Review and finish page, click Finish.
Important Note: The mail flow or transport policies in Exchange/O365 are executed based on the priorities (execution priorities) set for the rule so please ensure that the priority for this rule is set in a way that its execution is not prevented or skipped due the presence of another contradicting rule at a higher execution priority which may surpass the purpose of this rule.
Bypass the Junk Folder in Microsoft 365
Sign in to your Exchange Admin Center.
Go to Mail flow, then select Rules.
Click Add a rule and then, Create a new rule.
Add the rule a name, as "Right-Hand - Skip Junk Filtering".
In the "Apply this rule if" section, opt for "The message headers..." and then select "includes any of these words".
Click Enter text, then enter the custom header name that was shared by Right-Hand, and then click Save.
Click Enter words and enter the hash value within the header provided to you, then click Add and Save.
In the "Do the following" options, select "Modify the message properties" and select the "spam confidence level (SCL)."
In the "specify SCL" pop-up window, select "Bypass spam filtering" and then click on Save.
Next to the "Do the following" fields, click the plus icon.
In the "And" fields, choose "Modify the message properties" and select "set a message header."
In the initial "Enter text" field on the left, input "X-Forefront-Antispam-Report" and click Save.
In the second "Enter text" field on the right, input "SFV:SKI;CAT:NONE;". For further details on this header, refer to Microsoft's article on Anti-spam message headers in Microsoft 365. It's important to note that this field is case-sensitive.
Click Next.
When you're on the Set rule settings page, simply click "Next" to proceed. Typically, it's advised to stick with the default settings unless you have a specific reason to change them. This helps maintain consistency and ensures that the system operates smoothly.
On the final Review and finish page, click Finish.
Please note: Modify the rule's priority so that it comes right after the rule you established in the previous section.