Home

Articles in this section

See more

Deployment: Whitelisting and Mail Flow rules for Office 365 / On-premise Exchange server

Overview

Whitelisting and Mail Flow rules are needed to ensure Hoxhunt's simulation emails are safely delivered to every employee's Inbox.

This consists of three main steps and two optional steps:

  1. Whitelist Hoxhunt email servers
  2. Add Mail Flow rules to bypass Spam Filtering and Clutter
  3. Add Mail Flow rule to bypass Focused Inbox
  4. Only for O365: Add mail flow rule to skip Junk Filtering
  5. Only for O365+ATP: Skip link and attachment scanning

You must complete the above steps for successful whitelisting!

1. Whitelist Hoxhunt email servers

Step 1:

If you are configuring O365, log in to O365 and navigate to Admin > Admin Centers > Exchange.

If you are configuring on-premise Exchange, log in to Exchange Admin Center and navigate to Dashboard.

 

Step 2:

Under Protection select connection filter.

3.png

Step 3: 

Edit the default policy by selecting the pencil icon.

4.png

Step 4:

Click on the "+" sign on IP Allow list.

Add 37.139.12.94 and 35.156.0.138.

Click Save.

Note: If you have trouble configuring the connection filter in Exchange 2013, please check this Technet article

 

2. Add Mail Flow rules

2.1 Add rule for Spam Confidence Level to bypass spam filtering (SCL -1)

Step 1:

At the top-level of your Admin center, select Mail flow. Click the “+”-icon and select “Create a new rule...

 

Give the rule a name, such as  “Spam Whitelisting for HoxHunt”, or follow your company's naming convention. 

Select "More options..."


More_options.png

Step 2:

Add the following condition:

"Apply this rule if..." > "IP address is in any of these ranges or exactly matches"

6.png

Add 37.139.12.94 and 35.156.0.138.

Click OK.

Step 3:

Add the following action:

"Do the following..." > "Modify the message properties..." > "set the spam confidence level (SCL)"

8.png

In the "Specify SCL" dialog, select "Bypass spam filtering" or "-1".

Click OK.

9.png

2.2 Add rule to bypass Clutter evaluation

Let's continue configuring the same mail flow rule.Clutter is a feature that moves low-priority emails out of user's inbox to a folder called Clutter. Clutter analyzes user's email habits, and based on past behavior, it determines the messages that the user most likely to ignore. To make sure Hoxhunt's simulation emails are always delivered to the user's inbox, you must bypass the Clutter evaluation for Hoxhunt simulation emails.

Step 1:

Select "Add action" and then select "Modify the message properties..." > "set a message header".

10.png

Click on Set a message header "Enter text..."  add the following (case sensitive!):

X-MS-Exchange-Organization-BypassClutter

11.png

Click on ...to the value “Enter text…and add (case sensitive!):

true

Enter_Text_case_sensitive.png

This rule is now complete. Click Save.

 

3. Add Mail Flow rule to bypass Focused Inbox evaluation

Focused Inbox is a feature that automatically evaluates incoming emails and direct them to two views: "Focused" and "Others". To make sure Hoxhunt's simulation emails are always delivered to the user's "Focused" inbox, you must bypass the evaluation for Hoxhunt simulation emails.

Let's create a new mail flow rule to bypass Focused Inbox evaluation.

Step 1:

Click the (+Create New Rule button under Mail Flow > Rules.
Give the rule a name, such as "Focused Inbox whitelisting for Hoxhunt".

Click on More options.
Add the condition Apply this rule if...

Select The sender..., and select IP address is in any of these ranges or exactly matches. Specify the following sender IP addresses, then click OK.

37.139.12.94
35.156.0.138

Under "Do the following", select "Modify the message properties..." then "Set a Message Header".

Click on Set a message header "Enter text..."  add the following (case sensitive!):

X-MS-Exchange-Organization-BypassFocusedInbox

Click on ...to the value “Enter text…and add (case sensitive!):

true

 

Beneath Properties of this rule set the priority to directly follow the existing rules for HoxHunt.

This rule is now complete. Click Save.

 

4. Only for O365: Add mail flow rule to skip Junk Filtering

The following Mail Flow rule is required by all O365 mail services that have EOP (Exchange Online Protection) or ATP (Advanced Threat Protection) enabled.

Go to Admin > Mail > Mail Flow.

Click the (+Create New Rule button under Mail Flow > Rules.
Give the rule a name, such as "Skip Junk Filtering for Hoxhunt".

Click on More options.
Add the condition Apply this rule if...

Select The sender..., and select IP address is in any of these ranges or exactly matches. Specify the following sender IP addresses, then click OK.

37.139.12.94
35.156.0.138

Under "Do the following", select "Modify the message properties..." then "Set a Message Header".
Add a header X-Forefront-Antispam-Report and set it to value SFV:SKI;

 

Beneath Properties of this rule set the priority to directly follow the existing rules for HoxHunt.

This rule is now complete. Click Save.

 

5. Only for O365+ATP: Skip link and attachment scanning

Please see this article.

 

Frequently Asked Questions

I'm not receiving HoxHunt emails after whitelisting

  • Check the order of your mail flow rules. If you have a spam filter rule in place that has a higher priority than your Hoxhunt rule, this may prevent Hoxhunt emails from being delivered successfully.
  • Solution: Raise the priority of HoxHunt mail flow rule.

 

  • Check the emails headers for sender IP address. If the IP address is not one mentioned above, your email environment may be re-routing the emails through a filtering system that changes their originating IP address.
  • Solution: A Receive connector should be configured. Please ask more from Hoxhunt Support.

 

 

 

 

Was this article helpful?
2 out of 5 found this helpful
Return to top

Related articles