In this article, you’ll learn how to whitelist our phishing security tests and training emails in your Exchange SE mail server. Whitelisting our IP addresses allows us to bypass your Microsoft Exchange Online Protection (EOP) mail filter and ensure the deliverability of our phishing security tests and training notifications.

To learn how to whitelist by IP address, follow the steps below.

1. Log in to your Exchange Admin Center Exchange Admin Center (link opens in new window).
2. Navigate to Mail flow > Rules.

3. Click Add a rule > Create a new rule.

   

4. Give the rule a name, such as "Bypass Spam Filtering by IP Address".

5. In the Apply this rule if fields, select The sender and IP address is in any of these ranges or exactly matches.

   

6. In the specify IP address ranges pop-up window, enter all of our IP addresses one-by-one. After each IP address, click Add. For a list of our IP addresses, see the KnowBe4's IP Addresses, Hostnames, and Headers section of our Whitelisting Guide.

7. After you've entered all the IP address, click Save.

   

8. In the Do the following fields, select Modify the message properties and set a message header.

   

9. Click the Enter text on the left and enter "X-MS-Exchange-Organization-BypassClutter". This field is case-sensitive.

10. Click Save.

    

11. Click the second Enter text and enter "true". This field is case-sensitive.

12. Click Save.

    

13. To the right of the Do the following fields, click the plus icon.

    

14. In the And fields, select Modify the message properties and set the spam confidence level (SCL).

    

15. In the specify SCL pop-up window, select Bypass spam filtering. Then, click Save.

    

16. Click Next.
17. On the Set rule settings page, click Next. As a best practice, we recommend leaving the other options at their default settings.

18. On the Review and finish page, click Finish.