To ensure CanIPhish can effectively simulate phishing campaigns, you will need to allowlist our emails. We highly recommend this method for allowlisting as it's been explicitly created by Microsoft for the purpose of conducting phishing simulations.
Note: If you find that website links are being re-written and lead to a "suspicious website" page after allowlisting, your organisation may need to add additional attachment and URL exemptions. To enable these exemptions please see our support article: Allowlisting - Bypass Safe Link/Attachment Processing of M365 Advanced Threat Protection (ATP)
Use the Microsoft 365 Defender portal to configure third-party phishing simulations in the advanced delivery policy
1. Login to Microsoft 365 Defender at the following link to go straight to the Phishing Simulation allowlisting form: https://security.microsoft.com/advanceddelivery?viewid=PhishingSimulation
Note: This form can also be accessed by going to https://security.microsoft.com/ and clicking through Email & Collaboration > Policies & Rules > Threat Policies > Advanced Delivery > Phishing Simulation
2. Click 
Edit or If there are no configured phishing simulations, click Add.
3. On the Edit third-party phishing simulation flyout that opens, configure the following settings:
- Sending Domain:
alerting-services.com
authwebmail.com
cloud-notification-services.com
securesupportcloud.com
office-365-notifications.com
webnotifications.net
paypaypal.net
cmail31.com
learn.caniphish.com
simulation.caniphish.com
outbound.caniphish.com
- Sending IP:
3.106.21.22
13.237.47.221
- Simulation URLs to allow:
authwebmail.com/*
*.authwebmail.com/*
cmail31.com/*
*.cmail31.com/*
securesupportcloud.com/*
*.securesupportcloud.com/*
webnotifications.net/*
*.webnotifications.net/*
alerting-services.com/*
*.alerting-services.com/*
Note: All the above domains and IP addresses are under the sole control of CanIPhish. As such we can ensure that no unintended emails will originate from these IPs and domains after allowlisting occurs.
4. When you're finished, click Add/Save and then click Close.
Note: Allowlisting may take up to an hour to take effect.
All done! Allowlisting can be tricky... should you have any difficulties, please don't hesitate to contact us.
Troubleshooting: If you run into issues with emails continuing to go to spam/quarantine folders. You may have Microsoft Advanced Threat Protection (ATP) enabled which requires additional allowlisting. Please see our guide here to Bypass Safe Link/Attachment Processing of M365 ATP.
Comments
2 comments
Good day sir! Please I'm unable to sign in with Microsoft 365 defender and I don't know what's wrong with it please help me out
Hi Ottogary,
Thanks for reaching out. Could I please confirm what subscription you have with Office 365 (e.g. E1, E3, E5 license, etc.)
Regards,
Sebastian
Please sign in to leave a comment.