Add MA to email gateway and spam filtering
If you use a third-party email service to filter spam email, the service can identify Managed Security Awareness® (MA) program emails as spam and block delivery to your email service. You must configure your email gateway and spam filtering to allow the MA IP addresses, email headers, and phishing domains and URLs.
If you use Microsoft 365 with a third-party secure email gateway, email relay, or on-premises/hybrid Exchange Online system, consider using enhanced filtering. For more information, see Enhanced filtering for connectors in Exchange Online.
Enhanced filtering provides:
- Improved accuracy for the Microsoft filtering stack and machine learning models, including:
- Reduced false positives in Domain-Based Message Authentication, Reporting & Conformance (DMARC) from content modification and lack of an Authenticated Received Chain (ARC) seal
- Heuristic clustering
- Anti-spoofing
- Anti-phishing
- Better post-breach capabilities in Automated investigation and response (AIR).
- Explicit email authentication to verify the reputation of the sending domain for impersonation and spoof detection. For more information about explicit and implicit email authentication, see Email authentication in Microsoft 365.
These actions are required:
- Complete Enroll users into your MA program.
- Obtain the MA IP addresses to allowlist.
To see the IP addresses that you must allowlist, sign in to the Arctic Wolf Unified Portal, click
Resources > Allowlist Requirements, and then view the IP addresses in the section for your product.
If your organization uses multiple third-party email services, complete the allowlisting steps for each service to ensure that MA content reaches intended users.
If your third-party email gateway is not in the provided list, contact your email service provider for allowlisting assistance.
If you require assistance with your configuration, submit a ticket in the Arctic Wolf Unified Portal.
- Complete Add MA to email allowlists.