top of page

The Definitive Guide to Whitelisting Training Emails in Microsoft 365

We've all experienced Microsoft 365 being overprotective.

Let's look at three ways to whitelist HacWare domains to ensure your end-users receive the training emails.


How to Whitelist in EOP Anti-Spam Protection?

When an email is delivered, it passes through multiple layers of filtering. Follow the steps below to ensure the training content successfully passes through these filters and is delivered to the recipient.

1. Open the Exchange Admin Center.

2. Select Mail Flow, then Rules.

3. Choose Add a rule > Create a new rule

  • Name your rule.

  • Apply this rule if: "The sender," "IP address is in any of these ranges."

  • Specify the IP address range:

  • Under Do the following, select Modify the message properties from the drop down and select set the spam confidence level from the next dropdown.

  • Then choose Bypass spam filtering from the specify SCL window.

  • Select Next.

5. From the Set Rule Settings window:

  • Update the Severity to High.

  • Select Next.

6. Select Finish.


How to Whitelist in EOP Anti-Phishing Protection?

HacWare's spoofing technology may trigger EOP Anti-Phishing and Anti-Spoofing protection. To ensure your users are trained to spot spoofed phishing emails, please follow the steps below.

5. Click the Threat policies

6. In the Rules section. To go directly to the Advanced delivery

7. On the Advanced delivery page, select the Phishing Simulation tab, and then do one of the following steps:

  • Click Edit.

  • if there are no configured phishing simulations, click Add.

8. Add the Domain:, Sending IP:, and Allowed Simulation URL:*

When you're finished, do one of the following steps:

  • First time: Click Add, and then click Close.

  • Edit existing: Click Save and then click Close.


How to create an Allow List in Microsoft 365 Defender?

HacWare's spoofing technology may trigger the Microsoft 365 Defender Threat policies to block HacWare's phishing simulations to get to your end users. To resolve this issue, please follow the steps below.

How to bypass the spoof intelligence in Microsoft 365 Defender?

To bypass spoof intelligence, follow the instructions below.

These steps will also address certain errors, such as the “We could not verify the identity of the sender” error, from occurring. We recommend that you use the full infrastructure wild-carding method as this is the easiest method to whitelist all emails from HacWare.


How to configure a Safe Sender list in Microsoft 365 Defender?

  1. In the Microsoft 365 Defender portal at, go to Email & Collaboration > Policies & Rules > Threat policies > Anti-spam in the Policies section. Or, to go directly to the Anti-spam policies page, use

  2. On the Anti-spam policies page, select Connection filter policy (Default) from the list by clicking anywhere in the row other than the check box next to the name.

  3. In the policy details flyout that opens, use the Edit links to modify the policy settings:

    • Description section: Select Edit description to enter a description for the policy in the Description box of the Edit name and description flyout that opens. You can't modify the name of the policy. When you're finished in the Edit name and description flyout, select Save.

    • Connection filtering section: Select Edit connection filter policy. In the flyout that opens, configure the following settings:

      • Always allow messages from the following IP addresses or address range: This setting is the IP Allow List. Click in the box, enter a value, and then press the ENTER key or select the complete value that's displayed below the box. Valid values are:

        • Single IP:

    • Turn on safe list: To use the safe list, select the check box.

When you're finished in the flyout, select Save.

Back on the policy details flyout, select Close.


Final Thoughts

With these tips, you will ensure your users will be able to receive all their HacWare training emails. If you need further assistance, please reach out to our support team at

Learn more about HacWare at If you are a Managed Security Service provider (MSSP) or IT professional, we would love to automate your security education services, click here to learn more about our partner program.

bottom of page