G DATA Phishing Simulation

Open the Microsoft 365 admin center.

Click on Security within the left side menu.

Click on Exchange Message Tracking in the left side menu. This will take you to the Exchange Admin Center.

Click on E-mail flow in the left side menu and then on Rules in the submenu that opens.

Click on Add a rule. In the submenu that opens, select Create a new rule.
A new window opens on the right-hand side of the screen. Give the rule a name. For example "GDATA PhishingSIM WhitelistDomains".

For Apply this rule if…​ select The sender in combination with IP is in any of these ranges or exactly matches.

Enter an IP address used by our campaign and click on Add. Repeat the process until all the necessary domains have been added. Finally, click on Save.

Select Change message properties from the pull-down menu.
In the next pull-down menu, select Set SCL rating (Spam Confidence Level).
Another window opens on the right-hand side of the screen.

Select Bypass spam filtering in the pull-down menu and click on Save.

Click Next.

In the next window, make sure that the Rule mode is set to "Enforce" and select a severity level for this rule. Rule matches are grouped by severity in activity reports. The severity level is only a filter to ease the use of the reports. The severity level has no effect on the priority in which the rule is processed. The severity levels are:

Click Next.

Check the settings again in the next window and click on Finish.

Your rule is then available in your rule overview. However, it is still deactivated. Click on the word Disabled and a new window will open on the right-hand side of the screen.

Drag the status slider to Activated.