Solved

How do I whitelist domains in Office 365 Exchange Admin Center?

Posted on 2016-07-27
3
123 Views
Last Modified: 2016-07-28
I am a Sys Admin but email is not my specialty. We had an email admin who left the company, so I am just managing what I can in the interim. We have a request to whitelist a few domains in Office365. Our Info Sec is using a Security Awareness cloud solution product called Wombat. See PDF attached for whitelisting requirement (make reference to North America) from Wombat. If we configure this appropriately, legit phishing email will be sent to our user's inbox, and not land in the spam list or junk email folder.

I need to know if I am taking the right steps. Please use the PDF as a guide to confirm if I am taking the appropriate steps:

1.  From EAC, do I go to Protection > Spam filter > and doubleclick Default?
2016-07-27_10-09-48.png
2. In the PDF for where it outline Phishing Domains, do I include all the North America Phishing Domains under Allowed Sender or Allowed Domain? Also, if I do need to add it to Allowed Sender, should it be entered as (e.g. *@4ooi.co or just simply 400i.co)?
2016-07-27_10-12-04.png
3. If I should create a new spam filter policy, instead of the default, What should the setting in the drop down be for Spam?
2016-07-27_10-14-12.png
What would the setting be for High confidence spam dropdown?
2016-07-27_10-14-34.png
4. What would i need to include in the yellow highlighted area?
2016-07-27_10-15-16.png
5. Would I need to adjust anything in the below?
2016-07-27_10-17-41.png
6. Viewing the PDF attached, where in EAC would I include the Platform Assignment Notifications Mail Servers? Wherever I need to include it in EAC, is it best to input the IP rather than the Domain Names?
2016-07-27_10-37-13.png2016-Whitelisting-and-Domains-for-Th.pdf
0
Comment
Question by:joukiejouk
  • 2
3 Comments
 
LVL 38

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41731799
1. Yes. That's where whitelists are defined.
2. The domains need to be added to the Allowed Domain list. *@domain.com is not a valid entry for the Allowed Senders list, unless you want someone who actually uses *@domain.com as their email address to be allowed through. The way to approve all messages from any user at a specific domain is to add the Domain to the Allowed Domains list. Only worry about the email domains for this part. The IP addresses they list have to be added to the Connection filter allow list. (Click connection filter, to the left of spam filter)
3. The high confidence spam setting is how you decide to handle messages that are extremely likely to be spam. This depends on preference. Sending messages to quarantine is a good option, but dropping them entirely is as well. It just depends on whether you want to have a repository of potential spam to go through for false positive blocks.
4. You don't need to do anything there unless you want a separate Spam Filtering policy for a specific group of people or if you want to have more entries in your whitelist/blacklist than a single spam policy allows (1500 or so). Just close that window and don't bother adding a new filtering policy.
5. Same as 4.
6. All of those would be added to the Connection filter allow list, rather than the spam list.
0
 

Author Comment

by:joukiejouk
ID: 41732038
So I am trying to create a new spam filter policy for the purpose of the wombat white-listing request. I do not want to take the Default and modify it, since I am not so certain about Email administration. If I create a new spam filter policy, does that hurt anything? Also, while trying to create the new spam filter policy, I am getting an error when I try to save it.
2016-07-27_13-44-00.png
What should be selected here, and do I have to create any conditions? I'm guessing I should select "The recipient domain is" option, then include all our company's domain?
2016-07-27_13-52-02.png
Would I need to add exception?
0
 

Author Closing Comment

by:joukiejouk
ID: 41733590
This has been resolved. Thank you.
0

Featured Post

Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

Join & Write a Comment

Veeam Backup & Replication has added a new integration – Veeam Backup for Microsoft Office 365.  In this blog, we will discuss how you can benefit from Office 365 email backup with the Veeam’s new product and try to shed some light on the needs and …
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Office 365 is currently available in five editions. Three of them are for business use: Office 365 Business Essentials, Office 365 Business, and Office 365 Business Premium. Two of them are for home/personal use: Office 365 Home and Office 365 Perso…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now