In this article, we explain how to whitelist Exchange Online (Office 365). 

 

The following steps are required: First, you set up an IP permission list that contains our IP address. Then, you set up a message flow rule so that our incoming e-mail can bypass both the Clutter folder and Microsoft's EOP spam filter. In addition, a rule must be created in Office 365 regarding the Junk folder. 

Once you have completed this process, it may take some time for the settings to be fully processed. We recommend that you wait one to two hours before you test whether the whitelisting was successful. 
 

For the IP addresses used, please refer to the SoSafe Manager Portal under Simulation > Whitelisting. Self-service customers can only view this information through their individual SoSafe Manager access. All other customers can also access this information via the following direct link: https://manager.sosafe.de/?redirect=whtlstng.  



Chapter 1: Setting Up the IP Permission List

Step 1

Log in to your mail server portal and click “Security” from the menu

 

 

Step 2

Choose under “Policies & rules” the part “Threat policies”

Step 3

Click on the “Anti-spam”

Step 4

Under the Connection filter poliy click “Edit policy”. A pop-up window will open.

Step 5

Click “Edit” next to IP Allow List. Another pop-up window opens.

Step 6

Insert our IP address(es) here (see platform or direct link) and click "Save".

 

Step 7

 

Click on "Save". This completes the Setting Up the IP Permission List section.


Chapter 2: Bypass Spam and Clutter filters

Step 1

Log in to your mail server portal and click “Security” from the menu

Step 2

Choose “Exchange message trace” in the left menu. The Exchange Admin Center opens in a new window

 

Step 3

Click on “Rules” under the drop-down menu “Mail flow”

 

Step 4

Click on the plus icon and select “Create a new rule…”. A pop-up window opens.

Step 5

Give the rule a name, e.g. " Avoid spam and clutter filters by IP address" (1), and click "More options..." (2)

 

Step 6

In the drop-down menu, under the "Apply this rule if..." item, select the "The Sender..." item. (1) - then activate the rule "IP address is in any of these ranges or exactly matches" (2).

Step 7

Enter our IP addresses (see platform or direct link) in the window that opens (1) and click on the (+) button (2) to add them. Add more addresses if necessary and then click on "OK" (3).

Step 8

In the drop-down menu under "Do the following..." click "Change message properties...". (1) and then click Set Message Header (2).

Step 9

 

On the right this text should appear: Set the message header *Enter text… to the value *Enter text...

Enter “X-MS-Exchange-Organization-BypassClutter” for the first placeholder and “true” for the second placeholder. 

Step 10

Click on “add action” and select “Modify the message properties…” from the drop-down menu (1), then select “set the spam confidence level (SCL)” (2).

Step 11

In the pop-up window, select the option “Bypass spam filtering” and press “OK”. 

The finished rule should look like this:

  

Press “Save”. This completes the chapter Bypass Spam and Clutter filters.


Chapter 3: Bypass Junk filter 

Step 1

Follow the steps 1 – 3 in chapter 2 and open “Rules” under the drop-down menu “Mail flow”

 

Step 2

Click on the pen icon and select “Create a new rule…”. A pop-up window opens.

Step 3

Give the rule a name, e.g. " Junkfilter" (1), and click "More options..." (2)

 

Step 4

Select “The sender” (1) from the drop-down menu under *Apply this rule if... and then select “IP address is in any of these ranges or exactly matches” (2). 

Step 5

Enter our IP addresses specified on the platform in the pop-up window (1) and press the (+) button (2). Repeat for all relevant IP addresses. Then press “OK” (3).

  

Step 6

In the drop-down menu under *Do the following..., press “Modify the message properties...” (1) and then “set a message header” (2). 

 

Step 7

On the right this text should appear: Set the message header *Enter text… to the value *Enter text...

Enter “X-Forefront-Antispam-Report” for the first placeholder and “SFV:SKI;” for the second placeholder. 

 

The finished rule should look like this:

Now press "Save" - This completes the final chapter of the whitelisting process for Office 365.