How do I whitelist domains in Office 365 Exchange Admin Center?

I am a Sys Admin but email is not my specialty. We had an email admin who left the company, so I am just managing what I can in the interim. We have a request to whitelist a few domains in Office365. Our Info Sec is using a Security Awareness cloud solution product called Wombat. See PDF attached for whitelisting requirement (make reference to North America) from Wombat. If we configure this appropriately, legit phishing email will be sent to our user's inbox, and not land in the spam list or junk email folder.

I need to know if I am taking the right steps. Please use the PDF as a guide to confirm if I am taking the appropriate steps:

1.  From EAC, do I go to Protection > Spam filter > and doubleclick Default?
2016-07-27_10-09-48.png
2. In the PDF for where it outline Phishing Domains, do I include all the North America Phishing Domains under Allowed Sender or Allowed Domain? Also, if I do need to add it to Allowed Sender, should it be entered as (e.g. *@4ooi.co or just simply 400i.co)?
2016-07-27_10-12-04.png
3. If I should create a new spam filter policy, instead of the default, What should the setting in the drop down be for Spam?
2016-07-27_10-14-12.png
What would the setting be for High confidence spam dropdown?
2016-07-27_10-14-34.png
4. What would i need to include in the yellow highlighted area?
2016-07-27_10-15-16.png
5. Would I need to adjust anything in the below?
2016-07-27_10-17-41.png
6. Viewing the PDF attached, where in EAC would I include the Platform Assignment Notifications Mail Servers? Wherever I need to include it in EAC, is it best to input the IP rather than the Domain Names?
2016-07-27_10-37-13.png2016-Whitelisting-and-Domains-for-Th.pdf
joukiejoukAsked:
Who is Participating?
 
Adam BrownConnect With a Mentor Sr Solutions ArchitectCommented:
1. Yes. That's where whitelists are defined.
2. The domains need to be added to the Allowed Domain list. *@domain.com is not a valid entry for the Allowed Senders list, unless you want someone who actually uses *@domain.com as their email address to be allowed through. The way to approve all messages from any user at a specific domain is to add the Domain to the Allowed Domains list. Only worry about the email domains for this part. The IP addresses they list have to be added to the Connection filter allow list. (Click connection filter, to the left of spam filter)
3. The high confidence spam setting is how you decide to handle messages that are extremely likely to be spam. This depends on preference. Sending messages to quarantine is a good option, but dropping them entirely is as well. It just depends on whether you want to have a repository of potential spam to go through for false positive blocks.
4. You don't need to do anything there unless you want a separate Spam Filtering policy for a specific group of people or if you want to have more entries in your whitelist/blacklist than a single spam policy allows (1500 or so). Just close that window and don't bother adding a new filtering policy.
5. Same as 4.
6. All of those would be added to the Connection filter allow list, rather than the spam list.
0
 
joukiejoukAuthor Commented:
So I am trying to create a new spam filter policy for the purpose of the wombat white-listing request. I do not want to take the Default and modify it, since I am not so certain about Email administration. If I create a new spam filter policy, does that hurt anything? Also, while trying to create the new spam filter policy, I am getting an error when I try to save it.
2016-07-27_13-44-00.png
What should be selected here, and do I have to create any conditions? I'm guessing I should select "The recipient domain is" option, then include all our company's domain?
2016-07-27_13-52-02.png
Would I need to add exception?
0
 
joukiejoukAuthor Commented:
This has been resolved. Thank you.
0
All Courses

From novice to tech pro — start learning today.