How to Whitelist in Microsoft Defender

Configuring your phishing simulation in Defender: 

1. Go to Microsoft Defender and log in

   

2. Click on “Email and collaboration” in the sidebar and then “Policies & Rules"

   

3. Click on “Threat policies” and then on “Advanced Delivery”

   
   
   
4. Click on the “Phishing simulation” tab
   
   
   
   
5. Click on “Edit” and expand the “Domain” settings. Here you need to enter the domains we have assigned the simulations. You have received this from us in an email. You also need to add:
   1. link120623.dk
   2. Add the domain you received via email from your Customer Success Manager
      
      
6. Expand the “Sending IP” settings and enter the IP addresses. You need to add these IP addresses:
   1. 3.75.105.111
   2. 3.77.162.184
   3. 3.120.101.167
   4. 35.159.187.97
   5. 91.233.64.66
   6. 91.233.64.65
   7. 91.233.64.64
      
      
7. Expand the “Simulation URL” settings and enter the Simulation URL:
   1. link120623.dk/*
   
8. Click “Save” and then “Close”
   

Add IP addresses to your Connection filter policy:

1. Go to Microsoft Defender and log in

   

2. Click on “Email & collaboration” in the sidebar and then “Policies & Rules”

   

3. Click on “Threat policies” and then on “Anti Spam policies”

   

4. Go to "Connection filter Policy"

   
   
   

5. Click "Edit connection filter policy" > Add these IP's to "Always allow messages from the following IP addresses or address range"

   1. 3.75.105.111

   2. 3.77.162.184

   3. 3.120.101.167

   4. 35.159.187.97

   5. 91.233.64.66

   6. 91.233.64.65

   7. 91.233.64.64

   
   

6. Ensure that Connection Filter Policy is on and click "Save" 

   
   
   

Test the whitelisting

Now, we want to test that the campaign can be delivered to your inbox (and that the whitelisting worked).  

Here's how to do that: 

1. Login to the CyberPilot App
2. Go to "Phishing" and click "Campaigns"
3. Locate your upcoming campaign in the list of campaigns
4. Click the "..." actions button associated to your upcoming campaign
   
   
5. Click "Send test email"
6. Check your email inbox to ensure that the email was delivered. If you can't find it in your inbox, start follow the whitelisting process again and make sure you haven't missed any steps. 
7. After you get the test email, check that: 
   1. The email is delivered correctly
   2. The link within the email works (there is no link protection blocking it)

8. If both of these are confirmed, you are all done. Let your Customer Success Manager know that everything worked properly. 

   1. Check the "whitelisting confirmed" box in the app and write to your Customer Success Manager to let them know you're ready.

Troubleshooting – what if the email couldn’t be delivered correctly? 

In case the delivery failed, you need to revisit the whitelisting guide above. Go through the guide and ensure that you’ve followed the steps correctly.

• It’s common to accidentally miss a step or put in the wrong domain, IP address or URL. Did you miss a step?  
• The most common issue is that the email was blocked in one of your security systems. See if you can identify in which system and where the email was "blocked".
• Think about if there are any other email security tools you might have forgotten about. Maybe you need to whitelist there as well.  
  
  

If you have trouble along the way, reach out to your Customer Success Manager. They will support you where possible, but it is important that you also get help from your IT administrator, who has in-depth knowledge of your email security systems. 

If you can’t determine the cause of the delivery failure, you have the option to set up a mail connector (through Microsoft).