Introduction
This guide is to show you how to make all the necessary allowlisting changes to ensure emails from CybSafe PHISH reach people in your organisation.
This guide uses the updated allowlisting guidance from June 2024 and is based on a Microsoft outlook set up with Windows Defender.
If you use an external email scanning service (e.g. FireEye ETP, Mimecast, MessageLabs or Proofpoint), you will also need to allow CybSafe emails on their system. Please consult their documentation for details of how to do this - links in additional documentation below.
Step by step guide
Step 1:
As a Microsoft security administrator, go to advanced delivery
This can also be reached by navigating to:
Microsoft Admin -> Security -> Policies & rules (under Email & collaboration) -> Threat policies -> Advanced delivery (under Rules) -> Phishing simulation tab
Step 2:
On the Phishing simulation tab, click edit. Add the following IP addresses as sending IPs
54.78.3.99
54.74.7.50
34.254.53.189
34.252.200.43
34.246.164.195
Step 3:
Add the following domains
cs-mail-sender.com
email.cs-mail-sender.com
Step 4:
Save and apply your changes. They should look like the below:
Step 5:
If you use an external email scanning service (e.g. FireEye ETP, Mimecast, MessageLabs or Proofpoint), you will also need to allow CybSafe emails on their system at this point.
You may also need to configure exchange online protection if you use this:
Exchange Online Protection
Exchange Online Protection
Exchange Online Protection (EOP) does not allow safe lists or filtering bypass for messages that are identified as malware or high confidence phishing. But, there are specific scenarios that require the delivery of unfiltered messages such as a CybSafe Phishing Campaign.
Follow the steps in this Microsoft article to ensure delivery of our Emails:
NB: you will need to add /* to the end of urls added here for Microsoft to process them correctly
Step 6:
Test your changes using the test phishing campaign feature on CybSafe.
