Managed Security Awareness Integration with Microsoft Exchange
Updated Sep 15, 2023Add the MA IP address to Microsoft Exchange allowlists
Using Microsoft Exchange®, allowlist the MA program IP address and headers, and any applicable third-party IP addresses that are used during spam filtering. This could be a static IP address or a range of IP addresses that are assigned to you by your third-party provider.
Before you begin
- Complete Step 2: Add MA to email gateway and spam filtering allowlists.
- Obtain the MA IP address to allowlist. To see the complete list of IP addresses that you must allowlist, go to the Arctic Wolf Unified Portal, and then click Help > Allowlist Requirements. The IP addresses that must be allowlisted are listed under Security Awareness Training.
- If applicable, obtain the static IP address or range of IP addresses from your third-party provider.
Steps
- Allowlist the MA IP address in Microsoft Exchange.
- Bypass clutter and spam filtering in Microsoft Exchange.
- (Optional) Enable a bypass spam filtering policy.
Step 1: Allowlist the MA IP address in Microsoft Exchange
-
Sign in to your Microsoft Outlook® administrative portal.
-
Click Apps > Admin.
-
In the navigation pane, under Admin centers, click Exchange.
-
Under protection, click connection filter.
-
Click the pencil to edit the default connection filter policy.
-
In the sidebar, click connection filtering.
-
Under IP Allow list, click +.
-
On the Add allowed IP address page, enter the MA IP address.
-
Click OK, and then click Save.
-
Make sure your settings work correctly. Send a test MA phishing simulation email to yourself or admins:
- In the MA Portal menu, click Administration Dashboard.
- Click the User Information tab.
- Click Send Test Email.
Note: To preview the test email, see Email templates. If your test email is not received, verify the steps above, and then send another test email. If you continue to experience issues with receiving test emails, contact Arctic Wolf for assistance.
See Send a test email for more information about test emails.
Step 2: Bypass clutter and spam filtering in Microsoft Exchange
-
Sign in to your Microsoft Outlook administrative portal.
-
Under Apps, click Admin.
-
In the navigation pane, under Admin centers, click Exchange.
-
In the sidebar, click mail flow.
-
In the rules tab, click + to expand the menu, and then click Bypass spam filtering.
-
In the Name field, enter a name such as
Bypass clutter and spam filtering by IP address
. -
In the Apply this rule if menu, select The sender > IP address is any of these ranges or exactly matches.
-
Enter the MA IP address, and then click OK.
-
In the Do the following menu, click Modify the message properties > set a message header.
-
Click Enter text to set the message header, and then enter
X-ArcticWolf
.Tip: This field is case-sensitive.
-
Click OK.
-
After to the value, click Enter text to set the value, and then enter
Arctic Wolf
. -
Click OK.
-
Click add action.
-
In the Do the following menu, select Modify the message properties > Set the spam confidence level (SCL) to > Bypass spam filtering.
-
Click Save.
-
Make sure your settings work correctly. Send a test MA phishing simulation email to yourself or admins:
- In the MA Portal menu, click Administration Dashboard.
- Click the User Information tab.
- Click Send Test Email.
Note: To preview the test email, see Email templates. If your test email is not received, verify the steps above, and then send another test email. If you continue to experience issues with receiving test emails, contact Arctic Wolf for assistance.
See Send a test email for more information about test emails.
Step 3: Enable a bypass spam filtering policy
-
Sign in to your Microsoft Outlook administrative portal.
-
Under Apps, click Admin.
-
In the navigation pane, under Admin centers, click Exchange.
-
In the sidebar, click mail flow.
-
In the rules tab, click + to expand the menu, and then click Bypass spam filtering.
-
In the Name field, enter a name such as
Arctic Wolf junk filter
. -
In the Apply this rule if menu, click The Sender > IP address is any of these ranges or exactly matches.
-
Enter the MA IP address, and then click OK.
-
In the Do the following menu, select Modify the message properties > set a message header.
-
Click Enter text to set the message header, and then enter
X-ArcticWolf
. -
Click OK.
-
After to the value, click Enter text to set the value, and then enter
Arctic Wolf
. -
Click OK.
-
Click Save.
-
Under Properties of this rule, set the Priority value.
-
Make sure your settings work correctly. Send a test MA phishing simulation email to yourself or admins:
- In the MA Portal menu, click Administration Dashboard.
- Click the User Information tab.
- Click Send Test Email.
Note: To preview the test email, see Email templates. If your test email is not received, verify the steps above, and then send another test email. If you continue to experience issues with receiving test emails, contact Arctic Wolf for assistance.
See Send a test email for more information about test emails.