Skip to main content
Skip table of contents

Advanced delivery for third-party phishing simulations (Microsoft 365)

To ensure that all simulated phishing emails actually reach their intended recipients, advanced delivery must be set up in Microsoft 365 Defender. Doing so only takes a few minutes and we have prepared a step-by-step guide to make things easy for you.

  1. Log in to your email server portal with an administrator account and select Security.

  2. Select Policies & rules and then Threat policies.

  3. Under Rules, select Advanced delivery.

  4. Here, first select the tab called Phishing simulation and then select Edit. A new window titled Edit third party phishing simulations will open.

  5. In the corresponding fields, enter the whitelisting information provided in the SoSafe Manager (Settings / Whitelisting) as follows:

    1. The domains provided under Envelope sender addresses (technical senders) belong in Sending Domain on the Microsoft page. Note that only the domain, the part after the @ (, should be added here, not the entire address.

    2. The IPv4 addresses provided under SoSafe mail servers belongs in Sending IP on the Microsoft page.

    3. The domains/URLs provided under List of used domains in the phishing links belong under Simulation URLs to allow on the Microsoft page. Please use the following format: "".

  6. Select Save to finish the process. It may take some time for the changes to take effect.

Microsoft only allows adding a total of 30 entries. As a result, you must also whitelist the phishing domains in Microsoft Defender. See Whitelisting domains with safe links (Microsoft Defender) for more information.

Whitelisting Settings.png

Settings / Whitelisting in the Manager


Edit third party phishing simulations on the Microsoft page

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.