Introduction
Exchange connectors should be used for delivery of PHISH emails. The use of a connector allows for a robust delivery method for PHISH emails by doing the following:
Bypassing of Microsoft grey listing and rate limiting which can come into effect when delivering large amounts of email over a short period of time.
Simplifies the allow listing configuration when external mail scanning appliances are in use.
To ensure email delivery remains secure, our emails are still signed using DKIM with appropriate SPF records in place. The IP addresses referred to in the article are reserved for CybSafe use only and are only used for delivering PHISH emails only.
Setup overview
This is a three step configuration and for the connector to be correctly configured you must complete the below three steps.
Configure the advanced delivery for phishing simulation within Defender.
Create the connector within your Exchange console.
Contact CybSafe support to configure the domain.
⚠️ Without completing all of three of these steps the connector will not work.
Creating the connector
Note: You will need to have Exchange administrator rights to perform these actions.
Navigate to the Exchange configuration console by either:
Within the Microsoft 365 admin centre > Show all (left hand menu) > Exchange > Expand Mail flow > Connectors .
Navigate to https://admin.exchange.microsoft.com/#/connectors.
Under Connectors select "Add a connector".
On the "New connector" page select "Partner organization" and click next.
On the "Connector name" page, give the connector an appropriate name such as "CybSafe PHISH", enter a description if you wish and ensure "Turn it on" is selected, then click next.
On the "Authenticating sent email" page, choose the verify by IP address option and enter the IP address listed in "Allow list for receiving emails", then choose next.
Just to note that this screen shot is correct as of Dec 2025, please check the linked help article for an up to date list of IP addresses to allow list.
On Security restrictions, ensure that "Reject email messages if they aren't sent over TLS is selected".
On review connector page, it should look similar to the following, once you're happy click create connector which should present a "connector created" message, then click close.
Domain configuration
After setting up the connector, you’ll need to ask for email routing to be configured in the CybSafe Platform.
For each domain you want to deliver email via the connector, we will need the Microsoft 365 MX record associated with the domain. To get the MX record for each domain, do the following:
Navigate to the Microsoft 365 domain configuration page by either:
Within the Microsoft 365 admin centre, under settings click Domains.
For each domain, click on the entry, navigate to the DNS records tab and make note of the value next to the MX type.
Email a table similar to the following to [email protected] with the subject line of Exchange connector, the Support Team will be able to make the required configuration changes and will confirm once they are done.
Once the Support Team has confirmed the settings are in place PHISH email will be delivered directly to your Microsoft 365.
Domain | MX |
domain-one.com | domain-one-com.mail.protection.outlook.com |
domain-two.com | domain-two-com.mail.protection.outlook.com |
Microsoft documentation
Microsoft documentation for configuring an Exchange connector can be found at the following link