# Microsoft O365 Whitelisting

To create, modify, or remove settings in an advanced delivery policy, you need to be a member of the specific role groups. Microsoft's new "secure by default" feature may affect your current whitelisting rules. Use Advanced Delivery Policies to whitelist emails for phishing simulations.

***

### **Avoid Spam Issues Related to Office 365**

**How are Phishing Simulation Emails Whitelisted in O365?**

Microsoft has a centralized configuration for phishing campaigns in Exchange Online Protection Policies. The Advanced Delivery section allows configuring Phishing Simulations with specific domain names and senders. Since mid-2021, changes to mail flow and filtering mean exceptions in mail flow rules are optional, and security defaults are enforced, blocking 'High Confidence Phish' emails from passing through Exchange Online Rules.

For more details, refer to the following resources:

* [Mastering Configuration in Defender for Office 365](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/mastering-configuration-in-defender-for-office-365-part-two/ba-p/2307134)
* [Configure Advanced Delivery](https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-advanced-delivery?view=o365-worldwide)

***

Navigate to the configuration via the [Microsoft 365 Defender portal](https://security.microsoft.com) ->[ security.microsoft.com](https://security.microsoft.com)

**Adding Sending Domain and Sending IP to Whitelist**

* Open the Microsoft 365 Defender Portal
* Navigate to "Email & Collaboration":
* Go to Policies & Rules -> Threat policies.

<figure><img src="https://3536856424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVYPsDfg76rUuy4DWfSsJ%2Fuploads%2FcjZgpEFePHgZloOc3Fei%2Fimage.png?alt=media&#x26;token=6eac4b25-de0f-4798-8a73-71545711fe1c" alt=""><figcaption></figcaption></figure>

* Select Advanced Delivery.

<figure><img src="https://3536856424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVYPsDfg76rUuy4DWfSsJ%2Fuploads%2F0YM8d31ufhvkZTVqLKpZ%2Fimage.png?alt=media&#x26;token=da61f479-fd7c-44b7-a768-650c648ab4f1" alt=""><figcaption></figcaption></figure>

***

**Configure Phishing Simulation:**

* On the Advanced delivery page, go to the Phishing Simulation tab. Click the Edit icon or, if no phishing simulations are configured, click Add.

<figure><img src="https://3536856424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVYPsDfg76rUuy4DWfSsJ%2Fuploads%2F8dz8YT2UXJTW31KHFOkz%2Fimage.png?alt=media&#x26;token=0bde84b5-cbe4-47a3-9d84-0332d520e7d3" alt=""><figcaption></figcaption></figure>

**Edit Phishing Simulation Settings:**

In the Edit third-party phishing simulation modal, adjust the following settings:

* **Sending Domain:** Enter at least one sending domain used as the sender email in Lucy.

<figure><img src="https://3536856424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVYPsDfg76rUuy4DWfSsJ%2Fuploads%2FKkjAz5eblG4PzBhxQfSz%2Fimage.png?alt=media&#x26;token=9fa6a306-9104-4e7e-9b54-401942f4644e" alt="" width="563"><figcaption></figcaption></figure>

* **Sending IP:** Enter the sending IP address of your Lucy instance.

<figure><img src="https://3536856424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVYPsDfg76rUuy4DWfSsJ%2Fuploads%2Fwis4pS4AUa7jkrcCpseB%2Fimage.png?alt=media&#x26;token=638b077f-9708-454f-85f5-d5248d21ced3" alt="" width="563"><figcaption></figcaption></figure>

* **Specific URLs (optional):** Enter specific URLs that are part of your phishing simulation campaign using the recommended URL syntax format: `example.com/*`

<figure><img src="https://3536856424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVYPsDfg76rUuy4DWfSsJ%2Fuploads%2FPWPasrSUUCQU05wbVGrn%2Fimage.png?alt=media&#x26;token=699e9cad-8124-45d0-a700-b96a9523d549" alt="" width="560"><figcaption></figcaption></figure>

**Save Changes:**

* Click Add for all options and Save

**Propagation Time:**

* Wait at least 30 minutes for changes to propagate before starting any phishing campaigns.