Whitelisting PhishGuard Email Header in Exchange 2013 or 2016

Modified on Mon, 1 Apr at 10:55 PM






Whitelisting PhishGuard Email Header in Exchange 2013 or 2016


The following is the process of whitelisting phishing email headers on Exchange 2013 or 2016 platforms.

 

Mail filters will sometimes block the emails our servers send, but there is a way to resolve this issue with whitelisting. Whitelisting allows for phishing emails sent from PhishGuard to bypass any mail filters or junk, spam and clutter folders. We do recommend however to whitelist by IP if possible (for example if you are using a cloud security system). When whitelisting by IP is not applicable, whitelisting by header is an effective way to make sure that phishing emails are delivered. Below we will show you how to set up header rules for Spam and Clutter as well as the Junk folder. 

 


Bypassing Clutter and Spam Filtering by Email Header (Exchange 2013 or 2016)

  1. Log into your mail server admin portal and select Exchange under Admin center.

  2. Click mail flow from the left-hand menu and then click the + sign and select Bypass spam filtering… from the drop-down.

  3. In the new rule window, give the rule a name, such as "Bypass Clutter & Spam Filtering by Email Header".
  4. From the Apply this rule if… drop-down menu,  select A message header... then includes any of these words.
  5. On the right side of that rule, you will see *Enter text... and *Enter words...
  6. Click *Enter text... and type in PhishGuard header and its value.
  7. Next, under Do the following… ensure that this field is set to Set the spam confidence level (SCL) to… and Bypass spam filtering is set on the right side.
  8. Add a second action by clicking the add action button under Do the following….
  9. From the drop-down menu, select Modify the message properties then set a message header 
  10. Click the first *Enter text.... and type  X-MS-Exchange-Organization-BypassClutter then click the second *Enter text... and type true.
  11. Review all settings to make sure they are correct.

    Once you have completed this setup please allow time for the new rule to propagate. Then, set up a test phishing campaign for yourself or a small group to test out your new whitelisting rule. 





Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article