Solved

How do I whitelist domains in Office 365 Exchange Admin Center?

Posted on 2016-07-27
3
721 Views
Last Modified: 2016-07-28
I am a Sys Admin but email is not my specialty. We had an email admin who left the company, so I am just managing what I can in the interim. We have a request to whitelist a few domains in Office365. Our Info Sec is using a Security Awareness cloud solution product called Wombat. See PDF attached for whitelisting requirement (make reference to North America) from Wombat. If we configure this appropriately, legit phishing email will be sent to our user's inbox, and not land in the spam list or junk email folder.

I need to know if I am taking the right steps. Please use the PDF as a guide to confirm if I am taking the appropriate steps:

1.  From EAC, do I go to Protection > Spam filter > and doubleclick Default?
2016-07-27_10-09-48.png
2. In the PDF for where it outline Phishing Domains, do I include all the North America Phishing Domains under Allowed Sender or Allowed Domain? Also, if I do need to add it to Allowed Sender, should it be entered as (e.g. *@4ooi.co or just simply 400i.co)?
2016-07-27_10-12-04.png
3. If I should create a new spam filter policy, instead of the default, What should the setting in the drop down be for Spam?
2016-07-27_10-14-12.png
What would the setting be for High confidence spam dropdown?
2016-07-27_10-14-34.png
4. What would i need to include in the yellow highlighted area?
2016-07-27_10-15-16.png
5. Would I need to adjust anything in the below?
2016-07-27_10-17-41.png
6. Viewing the PDF attached, where in EAC would I include the Platform Assignment Notifications Mail Servers? Wherever I need to include it in EAC, is it best to input the IP rather than the Domain Names?
2016-07-27_10-37-13.png2016-Whitelisting-and-Domains-for-Th.pdf
0
Comment
Question by:joukiejouk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 40

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41731799
1. Yes. That's where whitelists are defined.
2. The domains need to be added to the Allowed Domain list. *@domain.com is not a valid entry for the Allowed Senders list, unless you want someone who actually uses *@domain.com as their email address to be allowed through. The way to approve all messages from any user at a specific domain is to add the Domain to the Allowed Domains list. Only worry about the email domains for this part. The IP addresses they list have to be added to the Connection filter allow list. (Click connection filter, to the left of spam filter)
3. The high confidence spam setting is how you decide to handle messages that are extremely likely to be spam. This depends on preference. Sending messages to quarantine is a good option, but dropping them entirely is as well. It just depends on whether you want to have a repository of potential spam to go through for false positive blocks.
4. You don't need to do anything there unless you want a separate Spam Filtering policy for a specific group of people or if you want to have more entries in your whitelist/blacklist than a single spam policy allows (1500 or so). Just close that window and don't bother adding a new filtering policy.
5. Same as 4.
6. All of those would be added to the Connection filter allow list, rather than the spam list.
0
 

Author Comment

by:joukiejouk
ID: 41732038
So I am trying to create a new spam filter policy for the purpose of the wombat white-listing request. I do not want to take the Default and modify it, since I am not so certain about Email administration. If I create a new spam filter policy, does that hurt anything? Also, while trying to create the new spam filter policy, I am getting an error when I try to save it.
2016-07-27_13-44-00.png
What should be selected here, and do I have to create any conditions? I'm guessing I should select "The recipient domain is" option, then include all our company's domain?
2016-07-27_13-52-02.png
Would I need to add exception?
0
 

Author Closing Comment

by:joukiejouk
ID: 41733590
This has been resolved. Thank you.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office Picture Manager was included in Office 2003, 2007, and 2010, but not in Office 2013. Users had hopes that it would be in Office 2016/Office 365, but it is not. Fortunately, the same zero-cost technique that works to install it with …
Adoption of Microsoft’s Enterprise Mobility and Security solution and Office 365 will re-order the File Sync and Share market Microsoft has stated that its Enterprise Mobility + Security (EMS) is the fastest growing product in the history of the …
Microsoft Office Picture Manager has a Picture Shortcuts pane that shows a list with the Recently Browsed folders. While creating my video Micro Tutorial here at Experts Exchange showing How to Install Microsoft Office Picture Manager in Office 2013…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question