Forum Discussion
Solved
IP whitelist not working - Phishing Simulation setup
I am trying to setup 3rd party (TrendMicro) Phishing Simulation for Exchange online. The very first step is add the source IP into whitelist. But whatever whitelists I have added source IPs in, won...
- Just an additional hint to what vinaybabupamu written before,
Please check if you added in the Advanced Delivery -> Phishing Simulation the domain of sender (envelope sender, P1) or DKIM domain of the message. Because for Phishing sim. match it must be both to match IP and domain. https://learn.microsoft.com/en-us/defender-office-365/advanced-delivery-policy-configure -> "There must be a match on at least one Domain and one Sending IP"
P.S.
I would remove Exchange transport rule and IP white list in anti-spam policy - connection filter policy, they do almost same (bypass some scans) and not needed here in case of use Phishing Simulation.
Just an additional hint to what vinaybabupamu written before,
Please check if you added in the Advanced Delivery -> Phishing Simulation the domain of sender (envelope sender, P1) or DKIM domain of the message. Because for Phishing sim. match it must be both to match IP and domain. https://learn.microsoft.com/en-us/defender-office-365/advanced-delivery-policy-configure -> "There must be a match on at least one Domain and one Sending IP"
P.S.
I would remove Exchange transport rule and IP white list in anti-spam policy - connection filter policy, they do almost same (bypass some scans) and not needed here in case of use Phishing Simulation.
Please check if you added in the Advanced Delivery -> Phishing Simulation the domain of sender (envelope sender, P1) or DKIM domain of the message. Because for Phishing sim. match it must be both to match IP and domain. https://learn.microsoft.com/en-us/defender-office-365/advanced-delivery-policy-configure -> "There must be a match on at least one Domain and one Sending IP"
P.S.
I would remove Exchange transport rule and IP white list in anti-spam policy - connection filter policy, they do almost same (bypass some scans) and not needed here in case of use Phishing Simulation.
- The problem solved after I put the sender's mail server domain into the Phishing Simulation. TrendMicro gave a long list of domain but didn't include the actual mail server domain. I located the mail server domain from test messages. Once added in, simulations fly through immediately.
Thanks again.
