How to bypass spam filtering - Symbol Security

Bypass Spam Filtering (Microsoft)

Print Created by: Symbol Support

If you already whitelisted our IPs but your phishing simulation emails are still being sent to your spam folder, you may try our Advanced Delivery Policies in M365 help guide, or make an additional configuration with the Mail Flow rules on Exchange. 

In order to make these changes, you need to follow these steps:

• Navigate to your Exchange Admin Center 
• From the left sidebar click on "Mail flow".
• Then select the option "Rules".

On the rules screen you will see a list of some of the rules defined on your tenant, if there are no pre-existing rules on the list click on the "+" icon to create a new rule. 

When clicking on the "+" icon a dropdown will appear with different options, ensure you select the option "Bypass Spam Filtering". From there, a new tab will appear with a form that you need to fill with the following information:

Name: Symbol Security (This name is Optional)

On the field that says "Apply this rule if..." add the following conditions:

• The Sender IP address is in the range.. >:
  • IP Address: 54.240.126.6
  • IP Address: 54.240.126.5
  • IP Address: 54.240.126.4

• • IP Address: 168.245.1.42
  • IP Address: 149.72.173.189
  • IP Address: 149.72.195.148
• A message header includes... > :
  • SS-PHISHTEST
  • SymbolSecurity
• The sender's domain is..:
  • customerrequestdepartment.com 
  • benefitsenrollmentcenter.com 
  • invoicefulfillment.com 
  • yoursupportrequest.com 
  • recordsconfirmation.com
  • passwordconfirmation.com

• • responseconfirmation.com
  • user-signin.com
  • againstphishing.com
  • customerassistance.co
  • customerassistance.email
  • phishfit.com
  • getcybertraining.com (optional - training assignment emails and reminders)
  • symbolsecurity.com (optional - transactional emails and notifications)
• The sender is located..>:
  • Outside the organization

Once you have finished the above modifications, leave the rest of these settings as they are, and click on Save to add your rules to the Mail Flow.

As an additional note, Symbol Security sends administrator and user notifications and reminders from two domains. While these domains do not need to be whitelisted for spoofing purposes, it may be helpful to add them as a safe sender so notifications to not go to your junk or spam folders:

• getcybertraining.com (training assignment and reminder notifications)
• symbolsecurity.com (new admin invitations and notifications)

Some email providers block images on the emails, so this configuration will also allow you to display images on our phishing simulation emails.

If your emails are still being sent to the spam folder after doing this configuration please contact us at support@symbolsecurity.com and we can help you. 

S Symbol is the author of this solution article.