Email Whitelisting – Office 365 / Exchange Server

This section ensures both training delivery & notification emails can be successfully delivered to your end-users. The following instructions are for Microsoft 365 / On-Premise Exchange Server.

You can ignore this article if you deliver training notifications via your own email servers, or via your own corporate Learning Management System (LMS).

The following IP Addresses must be whitelisted to bypass spam filtering within your organization. OutThink will send training notifications from these servers.

69.169.231.204
69.169.231.205

If your organization employs an endpoint security device or other gateway which processes all incoming email, the IP Addresses of OutThink’s mail servers listed in this article may not be detected. In this case, it is recommended to whitelist the sender email address, notifications@cyber.outthink.io instead.

For Microsoft 365 customers, whitelisting can be achieved as follows. Refer to the Microsoft documentation for further details, or to configure using Powershell instead.

1. Login to the Microsoft 365 Defender Portal at https://security.microsoft.com/.
2. Navigate to Policies & rules -> Threat policies -> Anti-spam
   (You can navigate directly here using https://security.microsoft.com/antispam).
3. On the Anti-spam policies page, select Connection filter policy (Default) from the list by clicking anywhere in the row other than the check box next to the name.
4. In the policy details flyout that opens, use the Edit connection filter policy link to modify the policy settings:
   • Always allow messages from the following IP addresses or address range:
     Add all IPV4 addresses provided previously in this article.
   • Turn on safe list: Enable this option, if not already set.
5. When finished, click Save.

The following is required to set the Spam Confidence Level and bypass Clutter evaluation rules when emails arrive from OutThink’s servers. This is a necessary step to ensure deliverability.

1. Log in to the Microsoft Exchange Admin Center as an administrator, and navigate to Mail Flow -> Rules.
   This can be accessed directly here: https://admin.exchange.microsoft.com/#/transportrules.
2. Select the + Add a rule button and select the Create a new rule option from the dropdown.
3. Enter the Name such as OutThink Spam Bypass Rule.
4. From the Apply this rule if dropdown, select The sender and then IP address is in any of these ranges or exactly matches.
5. Enter the IP Addresses given above in Step 1, and click Add then Save.
6. Ensure that the Do the following… dropdown is set to Modify the message properties and the following dropdown is set to set the spam confidence level (SCL). In the flyout that appears, select Bypass spam filtering.
7. Click the + sign to the right of the last rule you applied to create an additional rule.
8. Under And, in the dropdown select Modify the message properties and in the subsequent dropdown, select set a message header.
9. Click on the first Enter text link and set the header to X-MS-Exchange-Organization-BypassClutter
10. Click on the next Enter text link and set the value to true.

Click Next, and review the enforcement rules on the next page. Finally, click Next and Finish.

Focused Inbox separates a user’s inbox into two tabs—Focused and Other. The most important email messages are on the Focused tab while the rest remain easily accessible—but out of the way—on the Other tab. It is important for OutThink training notifications to be directed to the Focussed inbox, to ensure they receive appropriate attention.

1. Log in to the Microsoft Exchange Admin Center as an administrator, and navigate to Mail Flow -> Rules.
   This can be accessed directly here: https://admin.exchange.microsoft.com/#/transportrules.
2. Select the + Add a Rule button and select Create a new rule from the drop-down.
3. In the window that appears, enter a Name, such as OutThink Focussed Inbox Rule.
4. From the Apply this rule if drop-down, select The sender and IP address is in any of these ranges or exactly matches.
5. Enter the IP Addresses as listed in Step 1, and exactly as entered in the previous step. Click Add followed by Save.
6. Click Do the following and select Modify the message properties and set a message header.
7. Click on the first Enter text link and set the header to X-MS-Exchange-Organization-BypassFocusedInbox
8. Click on the next Enter text link and set the value to true.

Click Next, and review the enforcement rules on the next page. Finally, click Next and Finish.

Campaign emails will include links to external images, which are served via OutThink’s Content Delivery Network (CDN). These images are desirable to be downloaded to ensure a visually appealing email.

Email image download is however blocked by default by some email clients. To overcome this issue, add the following email address to your end users Safe Senders list.

notifications@cyber.outthink.io

The means to do this will vary depending on the email client used. However for Microsoft 365 / On-Premise Exchange Server, the following two options are provided for reference:

1. Using PowerShell.
   
   In particular, run the Set-MailboxJunkEmailConfguration command for the required users.
   This is detailed here: https://docs.microsoft.com/en-us/powershell/module/exchange/set-mailboxjunkemailconfiguration?view=exchange-ps
   

2. Using the Office Customization Tool. 
   
   In particular, the following settings can be configured:
   “Trigger to apply junk email list settings” – Set to Enabled
   “Overwrite or Append Junk Mail Import List” – Set to either Enabled or Disabled, as required
   “Specify path to Safe Senders” – Set to Enabled and specify a path to a file containing the above email address to add. This file must always be accessible by all users (e.g. on an intranet shared folder).
   
   For Microsoft 365, this is accessed here: https://config.office.com/officeSettings/officePolicies

Was this helpful?

YesNo

3 / 0