This guide describes how to whitelist Nimblr Simulated attacks in Microsoft Exchange Online.
Whitelist Connection Filter
1. Start with opening the Anti-Spam settings in the Microsoft Defender 365 portal at https://security.microsoft.com/antispam
2. Click Connection ﬁlter policy (Default) and then click Edit policy connection ﬁlter policy (click the text “Edit policy connection ﬁlter policy” - not its checkbox).
3. Add the following IP addresses one at the time (so that they appear in gray boxes like in the picture bellow) and then click Save and Close
Microsoft Advanced Delivery Policy
To keep your organization secure by default, Exchange Online Protection (EOP) does not allow safe lists or filtering bypass for messages that are identified as “high confidence phishing”. To override this, the Advanced Delivery policy must be configured to allow delivery of third-party phishing simulations to users.
1. Go to the Microsoft 365 Defender Advanced delivery page: https://security.microsoft.com/advanceddelivery
2. Click Phishing Simulations and then click Add
3. On the Third-party phishing simulation ﬂyout that opens, conﬁgure the following settings:
- Sending domain: nimblr.net, sasender.net and awrns.net
- Sending IP: 220.127.116.11, 18.104.22.168, 22.214.171.124
- Simulation URLs to allow: 135461223.site/*, 953611493.site/*, 1491321218.site/*, nimblr.net/* and awrns.net/*
When you're ﬁnished, click Save. The Nimblr phishing simulation entries that you conﬁgured are now displayed on the Phishing simulation tab. Click Close.
To avoid the built-in warning notifications in Outlook you may consider configuring the Tenant Allow list for Spoofed Senders.
Additional information on how to conﬁgure the Advanced Delivery Policy and delivery of third-party phishing simulations can be found here:
Third-party ﬁlters: If your domain's MX record doesn't point to Oﬃce 365 (messages are routed somewhere else ﬁrst), secure by default is not available. If you'd like to add protection, you'll need to enable Enhanced Filtering for Connectors (also known as skip listing). For more information, see Manage mail ﬂow using a third-party cloud service with Exchange Online. If you don't want Enhanced Filtering for Connectors, use mail ﬂow rules (also known as transport rules) to bypass Microsoft ﬁltering for messages that have already been evaluated by third-party ﬁltering. For more information, see Use mail ﬂow rules to set the SCL in messages.
Verify Whitelist configuration
Send a test simulation to verify that your whitelist conﬁgurations are functional. Login to your Nimblr portal on https://nimblr.net and navigate to Settings > Delivery test. Send a test simulation to a by clicking Send Email.