Allow listing Simulation Emails in M365

Updated 3 months ago by admin

Below is a short guide on how to allow phishing simulation emails, sent from the Security Awareness Training product, through to users' inboxes on Office 365. This guide will show you how to create a rule on Microsoft 365 Exchange that will allow through all the required email domains that the phishing simulations use.

Before starting please make sure you are a global Administrator within Microsoft 365.

  1. Navigate to 365 Exchange
  2. Expand the Mail Flow tab on the left
  3. Select Rules
  4. Under Rules, select the + icon, and then on the dropdown box, select Bypass spam filtering...
  5. Name the rule as SAT Domain allow
  6. Under *Apply this rule if... select the sender is and then domain is as shown below:
  1. In the Specify Domain box, you will need to add the domains, making sure to click the + icon after each domain to add it to the list, and then click Ok once finished. 

Please see below for the current list of domains we provide:


  1. Under Do the following..., select Modify the message properties... and then Set the spam confidence level (SCL) as shown below:
  1. Leave the remaining settings as default and click save.
  2. After the window has closed, move the priority of the rule to '0' using the upwards-facing arrow key as shown below.

All simulation phishing emails should now be delivered through to your users' inbox.

How did we do?