> For the complete documentation index, see [llms.txt](https://wiki.lucysecurity.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://wiki.lucysecurity.com/guides/whitelisting-a-lucy-server/microsoft-o365-whitelisting.md). # Microsoft O365 Whitelisting To create, modify, or remove settings in an advanced delivery policy, you need to be a member of the specific role groups. Microsoft's new "secure by default" feature may affect your current whitelisting rules. Use Advanced Delivery Policies to whitelist emails for phishing simulations. *** ### **Avoid Spam Issues Related to Office 365** **How are Phishing Simulation Emails Whitelisted in O365?** Microsoft has a centralized configuration for phishing campaigns in Exchange Online Protection Policies. The Advanced Delivery section allows configuring Phishing Simulations with specific domain names and senders. Since mid-2021, changes to mail flow and filtering mean exceptions in mail flow rules are optional, and security defaults are enforced, blocking 'High Confidence Phish' emails from passing through Exchange Online Rules. For more details, refer to the following resources: * [Mastering Configuration in Defender for Office 365](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/mastering-configuration-in-defender-for-office-365-part-two/ba-p/2307134) * [Configure Advanced Delivery](https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-advanced-delivery?view=o365-worldwide) *** Navigate to the configuration via the [Microsoft 365 Defender portal](https://security.microsoft.com) ->[ security.microsoft.com](https://security.microsoft.com) **Adding Sending Domain and Sending IP to Whitelist** * Open the Microsoft 365 Defender Portal * Navigate to "Email & Collaboration": * Go to Policies & Rules -> Threat policies.

* Select Advanced Delivery.

*** **Configure Phishing Simulation:** * On the Advanced delivery page, go to the Phishing Simulation tab. Click the Edit icon or, if no phishing simulations are configured, click Add.

**Edit Phishing Simulation Settings:** In the Edit third-party phishing simulation modal, adjust the following settings: * **Sending Domain:** Enter at least one sending domain used as the sender email in Lucy.

* **Sending IP:** Enter the sending IP address of your Lucy instance.

* **Specific URLs (optional):** Enter specific URLs that are part of your phishing simulation campaign using the recommended URL syntax format: `example.com/*`

**Save Changes:** * Click Add for all options and Save **Propagation Time:** * Wait at least 30 minutes for changes to propagate before starting any phishing campaigns. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://wiki.lucysecurity.com/guides/whitelisting-a-lucy-server/microsoft-o365-whitelisting.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.