When valid emails are flagged as spam by Exchange Online, they may end up in the Junk folder. That is obviously not a good thing, so in this article we will learn how to whitelist a domain in Office 365, and how to do it without exposing ourselves to phishing emails.
Spam email filtering is critical for preventing viruses and phishing emails from reaching the user’s inbox. However, when emails from trustworthy senders are flagged as spam, we must release them and find a way to get the emails to the user’s mailbox securely.
Let’s discuss various ways to whitelist a domain in Office 365 admin in this write-up!
What You Should Know Before this Task?
There are different techniques for adding a domain to your Office 365 whitelist, but it’s essential to know the consequences of each. There are various reasons why an email might be marked as spam. It might have been sent from an untrustworthy source, the SPF or DMARC check may have failed, or the email’s content may have triggered the filter.
The two most commonly used approaches to whitelist a domain in Office 365 at the tenant level are to use a mail flow rule (preferred) or to add the domain to the anti-spam policy’s list of approved senders. Other options include whitelisting the IP address in Office 365 or using Outlook’s Safe Sender List.
It’s essential to be as specific as possible about the source when excluding a domain from spam filtering, because simply filtering on the domain name opens the door to phishing for that domain.
This is why mail flow rules are the preferred method of adding a domain to the whitelist.
Whitelisting a Domain in Office 365 can have Several Benefits, Including:
- Improved email deliverability: By whitelisting a domain, you are telling Office 365 that all emails coming from that domain are legitimate and should be delivered to the inbox.
- Reduced spam and phishing attempts: Whitelisting a domain can help to reduce the number of spam and phishing emails that are delivered to users’ inboxes.
- Increased security: Whitelisting a domain can also help to increase security by only allowing emails from trusted sources to be delivered.
- Better collaboration: Whitelisting a domain can also improve collaboration by allowing users to easily communicate with each other, even if they are not in the same organization.
- Better filtering: Whitelisted domains can also be used to filter email, allowing certain types of messages to be filtered out, while others are allowed through.
- Better compliance: Whitelisting a domain can also help organizations to comply with various regulations and policies, such as HIPAA and other compliance standards.
Technique #1 Mail flow Rules to Whitelist a Domain in Office 365
We’ll start with the recommended method, which makes use of mail flow rules. The advantage is that a mail flow rule allows us to whitelist a domain and add a few additional checks. Part of the subject, the DMARC result, or even a single IP address can be included as conditions of the rule.
Say you use a web application that sends automatically generated email that you want to whitelist. You can then define a mail flow rule that filters by sender or domain and, as an extra precaution, also filters on the IP address, because you probably know the IP address from which the email is being sent.
To whitelist a domain using a mail flow rule, we must first open the Exchange Admin Center.
- Expand the Mail flow and then click Rules.
- Select Bypass Spam Filtering from the + icon.
- Give the rule a name.
- Under Apply this rule if, select Domain is.
- Enter the domain you want to whitelist here.
- Add a condition by selecting IP Address is in any of these ranges.
- Enter the application’s IP address.
- There are also some additional conditions you can use:
- Subject or Body > The subject includes any of these words. This way, you can still filter emails based on a word in the subject line.
- A message header > includes any of these words. Filtering on the DMARC result is a good way to whitelist a domain safely. Enter Authentication-Results under “Enter text” and dmarc=pass under “Enter words …”
- Hit Add Action > Set a message header
- Set the header to X-ETR and the value to something like Bypass spam filtering for stonegrovebank.com
- Click save to apply these settings.
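The same rule can also be created from Exchange Online PowerShell. This is an added example, not part of the original article: it assumes the ExchangeOnlineManagement module with an active Connect-ExchangeOnline session, and 203.0.113.25 is a constructed placeholder for the application's sending IP address.

```powershell
# Added example: PowerShell equivalent of the mail flow rule built in the steps above.
# Assumes Connect-ExchangeOnline has already been run by an Exchange administrator.
# 203.0.113.25 is a constructed placeholder (documentation range), not a real sender.

$rule = @{
    Name                        = 'Bypass spam filtering - stonegrovebank.com'
    Comments                    = 'Scoped allow: sender domain AND source IP AND DMARC pass'

    # Conditions. All of them must match before the actions are applied.
    SenderDomainIs              = 'stonegrovebank.com'
    SenderIpRanges              = '203.0.113.25'
    HeaderContainsMessageHeader = 'Authentication-Results'
    HeaderContainsWords         = 'dmarc=pass'

    # Actions. SCL -1 is what the "Bypass Spam Filtering" template sets;
    # the X-ETR header marks the message so the bypass is visible in its headers.
    SetSCL                      = -1
    SetHeaderName               = 'X-ETR'
    SetHeaderValue              = 'Bypass spam filtering for stonegrovebank.com'
}
New-TransportRule @rule

# Read the rule back to confirm every condition was stored as intended.
Get-TransportRule -Identity $rule.Name |
    Format-List Name, State, SenderDomainIs, SenderIpRanges,
                HeaderContainsMessageHeader, HeaderContainsWords,
                SetSCL, SetHeaderName, SetHeaderValue
```

A message from the domain that arrives from a different IP address, or without dmarc=pass in Authentication-Results, does not match the rule and goes through normal spam filtering.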
Technique #2 Whitelist Domain with Allowed Domains in O365
Previously, we could add a domain to the whitelist by using the list of permitted senders in the Exchange Online admin center. However, we must now use the Microsoft 365 Security Center (Microsoft 365 Defender). Keep in mind that adding a domain to the whitelist this way is the least secure approach, because senders from this domain will be able to get around spam protection and sender authentication.
We’ll need to change the incoming spam policy to allow an entire domain or a specific sender.
- Hit “Policies & Rules”
- Choose “Threat Policies”
- Open Anti-Spam (It may take a few seconds for the policies to load.)
- Hit the Anti-spam inbound policy (Default)
- Scroll all the way down in the fly-out & hit Edit allowed and blocked senders and domains
- Hit Allow domains
- Add the domains that need to be whitelisted
- Hit Done & Save
Messages sent from this domain will no longer be filtered by the spam filter and will reach your mailbox. Keep in mind, however, that by adding a domain to the whitelist in this way, phishing emails sent from that domain will go unnoticed as well.
Technique #3 Whitelist IP Address in Office 365 to Whitelist a Domain
The third method I’d like to discuss is the option to whitelist an IP address in Office 365. Personally, I prefer to use a mail flow rule for this, which allows us to combine, for example, an IP address with a domain. However, we can also add the IP address to the whitelist for the entire tenant.
To accomplish this, we must adjust the connection filter policy in Security Center (Microsoft 365 Defender).
- Navigate to “Security Center” (Microsoft 365 Defender)
- Go to “Policies & Rules” > “Threat Policies”
- Hit “Anti-Spam”
- Click on Connection Filter Policy (Default)
- Click Edit connection filter policy in the fly-out
- Add the IP Address that needs to be whitelisted
- Enable Turn on the safe list
- Hit Save & close to apply the settings.
Bringing It All Together
When you whitelist a domain in Office 365, be as specific as possible. Include a subject condition if you know that part of the subject is always the same. Add the DMARC header condition when SPF and DMARC are configured for the sending domain.
Domain whitelisting via the anti-spam policy’s list of permitted domains should only be utilized as a short-term solution. When you whitelist a domain in this way, you bypass all security checks that help prevent phishing emails.
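To keep short-term allow entries from becoming permanent, the three places described in this article can be reviewed from Exchange Online PowerShell. This is an added example, not part of the original article: it assumes an active Connect-ExchangeOnline session, and the DomainOnly column is a name chosen here for illustration.

```powershell
# Added example: review every spam-filter bypass configured in the tenant.
# Assumes Connect-ExchangeOnline has already been run.

# Technique #2: allowed domains and senders in the anti-spam policies.
# Anything listed here skips spam filtering and sender authentication checks.
Get-HostedContentFilterPolicy |
    Where-Object { $_.AllowedSenderDomains -or $_.AllowedSenders } |
    Format-List Name, AllowedSenderDomains, AllowedSenders

# Technique #3: IP allow list and safe list setting in the connection filter policy.
Get-HostedConnectionFilterPolicy |
    Format-List Name, IPAllowList, EnableSafeList

# Technique #1: mail flow rules that set SCL -1 (bypass spam filtering).
# DomainOnly (hypothetical column name) is True when a rule has neither an
# IP range condition nor a message header condition, so it allows on less
# than the scoped rule this article recommends.
Get-TransportRule |
    Where-Object { "$($_.SetSCL)" -eq '-1' } |
    Select-Object Name, State, SenderDomainIs, SenderIpRanges,
        HeaderContainsMessageHeader, HeaderContainsWords,
        @{ Name = 'DomainOnly'
           Expression = { (-not $_.SenderIpRanges) -and (-not $_.HeaderContainsMessageHeader) } } |
    Format-List
```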