To ensure CanIPhish can effectively simulate phishing campaigns, you will need to allowlist our emails. In this guide, we cover how to allowlist simualted phishing emails within an Exchange 2010 environment.
The instructions for setting up allowlisting is shown below:
1) Open your Exchange Management Console (EMC).
2) Expand Organization Configuration on the left-hand side, and click Hub Transport.
3) Under Actions on the right-hand side, select New Transport Rule.
4) Enter a name for your New Transport Rule, such as "Bypass Spam Filtering by Email Header", and click Next.
5) In Step 1, select condition "when the message header contains specific words". Beneath Step 2, complete the following steps.
a. Select message header and type in the header. The CanIPhish header is "X-CanIPhish".
b. Select specific words and then enter your Tenant ID which can be located on the left-side of the User Profile page. This is a 36-character ID. Example "3433186e-8e45-4ccc-90f5-e134a4ccyg25".
c. Click Next.
6) In Step 1, select action "set the spam confidence level to a value". In Step 2, set the Spam confidence level (SCL) threshold to -1. Click Next.
7) Click Next to create rule, then select New to continue.
All done! Allowlisting can be tricky... should you have any difficulties, please don't hesitate to contact us.