In this article, you'll learn how to whitelist by email header in Microsoft 365, Exchange 2016, and Exchange 2019. This method ensures your Phishing Security Tests (PSTs) bypass your spam filters and reach your users’ inboxes. For more information on how to whitelist our training emails, see our Whitelist Training Notifications in Microsoft Defender for Office 365.
If you don't have a spam filter or if you use Microsoft Defender for Office 365, Microsoft requires that you use advanced delivery policies to ensure email delivery.
Bypass Clutter and Spam Filtering
To bypass clutter and spam filtering by email header, follow the steps below.
- Log into your Microsoft 365 Exchange admin center.
- Navigate to Mail flow > Rules.
- Click Add a rule > Create a new rule.
- On the Set rule conditions page, give the rule a name, such as "Bypass Clutter and Spam Filtering by Email Header".
- In the Apply this rule if fields, select The message headers... and includes any of these words.
- Click Enter text, then enter the header name.
Note:By default, the header for KnowBe4 mail is X-PHISHTEST. We recommend changing the default header to a custom header or header token for enhanced security. You can change the header settings for your account from the KSAT Account Settings page. For more information, see our Account Settings Guide.
- Click Save.
- Click Enter words and enter "KnowBe4".
- Click Add, then click Save.
- In the Do the following fields, select Modify the message properties and set the spam confidence level (SCL).
- In the specify SCL pop-up window, select Bypass spam filtering. Then, click Save.
- To the right of the Do the following fields, click the plus icon.
- In the And fields, select Modify the message properties and set a message header.
- Click the first Enter text on the left and enter "X-MS-Exchange-Organization-BypassClutter".
- Click Save.
- Click the second Enter text on the right, then enter "true".
- Click Save.
- Click Next.
- On the Set rule settings page, click Next. As a best practice, we recommend leaving these options at their default settings.
- On the Review and finish page, click Finish.
Bypass the Junk Folder in Microsoft 365
To bypass your Junk folder in Microsoft 365, follow the steps below.
- Log into your Microsoft 365 Exchange admin center.
- Navigate to Mail flow > Rules.
- Click Add a rule > Create a new rule.
- Give the rule a name, such as "KnowBe4 - Skip Junk Filtering".
- In the Apply this rule if fields, select The message headers... and includes any of these words.
Note:Make sure that you add a condition for each header you need to whitelist. For more information on phishing email headers settings, see our Account Settings Guide.
- Click Enter text and enter the header name.
Note:By default, the header for KnowBe4 mail is X-PHISHTEST. We recommend changing the default header to a custom header or header token for enhanced security. You can change the header settings for your account from the KnowBe4 console Account Settings page. For more information, see our Account Settings Guide.
- Click Save.
- Click Enter words and enter "KnowBe4".
- Click Add, then click Save.
- In the Do the following fields, select Modify the message properties and set the spam confidence level (SCL).
- In the specify SCL pop-up window, select Bypass spam filtering. Then, click Save.
- To the right of the Do the following fields, click the plus icon.
- In the And fields, select Modify the message properties and set a message header.
- Cick the first Enter text on the left and enter "X-Forefront-Antispam-Report". This value is case-sensitive.
- Click Save.
- Click the second Enter text on the right and enter "SFV:SKI;CAT:NONE;". To learn more about this header, see Microsoft's Anti-spam message headers in Microsoft 365 article. This field is case-sensitive.
- Click Save.
- Click Next.
- On the Set rule settings page, click Next. As a best practice, we recommend leaving the other options at their default settings.
- On the Review and finish page, click Finish.
- Change the priority of the rule to directly follow the rule you created in the previous section. For more information, see Microsoft’s Set the priority of a mail flow rule article.