✅ Recommended Method: Create a Mail Flow Rule (Transport Rule)
This method allows you to define specific conditions under which emails from certain domains bypass spam filtering.CloudInfra
Steps:
- Access the Exchange Admin Center:CloudInfra+5Alitajran+5Microsoft Answers+5
- Navigate to Exchange Admin Center.
- Create a New Rule:LazyAdmin+8Microsoft Answers+8kjctech.net+8
- Go to Mail flow > Rules.Microsoft Answers+11Microsoft Answers+11Alitajran+11
- Click on Add a rule > Create a new rule.CloudInfra+6Alitajran+6Microsoft Learn+6
- Define Rule Conditions:
- Name: Assign a descriptive name to the rule.Microsoft Answers+5Microsoft Learn+5kjctech.net+5
- Apply this rule if:
- Select The sender > domain is > enter the domain you wish to allow.
- Optionally, add conditions to enhance security, such as verifying that the sender passes SPF, DKIM, or DMARC checks.
- Set Actions:Alitajran+2Microsoft Learn+2Microsoft Learn+2
- Do the following:
- Select Modify the message properties > set the spam confidence level (SCL) > choose Bypass spam filtering.
- Optionally, add a custom header for tracking purposes.
- Do the following:
- Finalize the Rule:Microsoft Answers+1Microsoft Answers+1
- Review the settings.
- Set the rule to Enforce.Microsoft Answers+2LazyAdmin+2CloudInfra+2
- Click Finish to activate the rule.Microsoft Learn+4CloudInfra+4LazyAdmin+4
This approach is preferred as it allows for granular control and can incorporate additional security checks to ensure the legitimacy of the sender. Active Directory Pro
⚠️ Alternative Method: Use the Tenant Allow/Block List
This method involves adding domains to the Tenant Allow/Block List to permit emails from those domains.CloudInfra+2Microsoft Learn+2Microsoft Learn+2
Steps:
- Access the Microsoft 365 Defender Portal:Microsoft Answers+4CloudInfra+4Alitajran+4
- Navigate to Microsoft 365 Defender.Microsoft Learn
- Navigate to Tenant Allow/Block Lists:Alitajran+4Microsoft Learn+4CloudInfra+4
- Go to Email & collaboration > Policies & rules > Threat policies > Tenant Allow/Block Lists.LazyAdmin+4CloudInfra+4Alitajran+4
- Add Domains to Allow List:Active Directory Pro+5Alitajran+5LazyAdmin+5
- Under the Domains & addresses tab, click Add > Allow.Microsoft Learn+1Microsoft Learn+1
- Enter the domains you wish to allow.Microsoft Learn+3Alitajran+3LazyAdmin+3
- Set the duration for which the allow entry should remain active.Microsoft Learn
- Click Add to confirm.
Note: This method should be used cautiously, as it may bypass certain security checks, potentially allowing malicious emails if the allowed domain is compromised. CloudInfra
⚠️ Less Recommended Method: Modify Anti-Spam Policies
Adjusting anti-spam policies to allow specific domains is generally not advised, as it can bypass multiple layers of security.
Steps:
- Access the Microsoft 365 Defender Portal:
- Navigate to Microsoft 365 Defender.
- Navigate to Anti-Spam Policies:
- Go to Email & collaboration > Policies & rules > Threat policies > Anti-spam.
- Edit Inbound Policy:Alitajran+3Microsoft Learn+3LazyAdmin+3
- Select the Anti-spam inbound policy (Default).Microsoft Answers+4CloudInfra+4Alitajran+4
- Scroll down to Allowed and blocked senders and domains.Microsoft Learn+4Alitajran+4CloudInfra+4
- Click Edit allowed and blocked senders and domains.Alitajran+2CloudInfra+2LazyAdmin+2
- Under Allowed domains, add the domains you wish to permit.
- Click Save to apply changes.
Caution: This method is less secure and should be used only when necessary, as it may allow spoofed emails to bypass spam filters. LazyAdmin
Summary:
- Best Practice: Use Mail Flow Rules for precise control and enhanced security.Active Directory Pro+7LazyAdmin+7Microsoft Learn+7
- Alternative: Employ the Tenant Allow/Block List for temporary allowances.Microsoft Learn+3CloudInfra+3Microsoft Learn+3
- Least Recommended: Modify Anti-Spam Policies only when other methods are unsuitable.
Implementing these methods carefully will help ensure that legitimate emails from trusted domains are delivered without being marked as spam.