{"id":1812,"date":"2025-11-10T00:34:12","date_gmt":"2025-11-10T00:34:12","guid":{"rendered":"https:\/\/www.ultrexstaff.com\/?p=1812"},"modified":"2025-11-10T00:34:14","modified_gmt":"2025-11-10T00:34:14","slug":"allow-whitelist-domains-in-microsoft-365-exchange-admin-spam-filter-rules-locations","status":"publish","type":"post","link":"https:\/\/www.ultrexstaff.com\/?p=1812","title":{"rendered":"Allow\/Whitelist Domains in Microsoft 365 Exchange Admin &#8211; Spam Filter rules locations"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">\u2705 Recommended Method: Create a Mail Flow Rule (Transport Rule)<\/h2>\n\n\n\n<p>This method allows you to define specific conditions under which emails from certain domains bypass spam filtering.\u200b<a href=\"https:\/\/cloudinfra.net\/bypass-spam-filtering-in-microsoft-365-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">CloudInfra<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Steps:<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Access the Exchange Admin Center<\/strong>:\u200b<a href=\"https:\/\/www.alitajran.com\/allowlist-domain-microsoft-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">CloudInfra+5Alitajran+5Microsoft Answers+5<\/a>\n<ul class=\"wp-block-list\">\n<li>Navigate to\u00a0<a href=\"https:\/\/admin.exchange.microsoft.com\/\">Exchange Admin Center<\/a>.\u200b<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Create a New Rule<\/strong>:\u200b<a href=\"https:\/\/answers.microsoft.com\/en-us\/msoffice\/forum\/all\/bypass-spam-filtering-option-gone\/baec6250-0b11-455c-99f1-426710f6e6c2?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">LazyAdmin+8Microsoft Answers+8kjctech.net+8<\/a>\n<ul class=\"wp-block-list\">\n<li>Go to\u00a0<strong>Mail flow<\/strong>\u00a0>\u00a0<strong>Rules<\/strong>.\u200b<a href=\"https:\/\/answers.microsoft.com\/en-us\/msoffice\/forum\/all\/bypass-spam-filtering\/9ca98da3-4b46-4c35-9e02-9cf1a0f417cb?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Answers+11Microsoft Answers+11Alitajran+11<\/a><\/li>\n\n\n\n<li>Click on\u00a0<strong>Add a rule<\/strong>\u00a0>\u00a0<strong>Create a new rule<\/strong>.\u200b<a href=\"https:\/\/www.alitajran.com\/allowlist-domain-microsoft-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">CloudInfra+6Alitajran+6Microsoft Learn+6<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Define Rule Conditions<\/strong>:\u200b\n<ul class=\"wp-block-list\">\n<li><strong>Name<\/strong>:\u00a0Assign a descriptive name to the rule.\u200b<a href=\"https:\/\/learn.microsoft.com\/en-us\/exchange\/security-and-compliance\/mail-flow-rules\/use-rules-to-set-scl?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Answers+5Microsoft Learn+5kjctech.net+5<\/a><\/li>\n\n\n\n<li><strong>Apply this rule if<\/strong>:\n<ul class=\"wp-block-list\">\n<li>Select\u00a0<strong>The sender<\/strong>\u00a0>\u00a0<strong>domain is<\/strong>\u00a0> enter the domain you wish to allow.<\/li>\n\n\n\n<li>Optionally, add conditions to enhance security, such as verifying that the sender passes SPF, DKIM, or DMARC checks.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Set Actions<\/strong>:\u200b<a href=\"https:\/\/learn.microsoft.com\/en-us\/exchange\/security-and-compliance\/mail-flow-rules\/use-rules-to-set-scl?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Alitajran+2Microsoft Learn+2Microsoft Learn+2<\/a>\n<ul class=\"wp-block-list\">\n<li><strong>Do the following<\/strong>:\n<ul class=\"wp-block-list\">\n<li>Select\u00a0<strong>Modify the message properties<\/strong>\u00a0>\u00a0<strong>set the spam confidence level (SCL)<\/strong>\u00a0> choose\u00a0<strong>Bypass spam filtering<\/strong>.<\/li>\n\n\n\n<li>Optionally, add a custom header for tracking purposes.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Finalize the Rule<\/strong>:\u200b<a href=\"https:\/\/answers.microsoft.com\/en-us\/msoffice\/forum\/all\/bypass-spam-filtering\/9ca98da3-4b46-4c35-9e02-9cf1a0f417cb?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Answers+1Microsoft Answers+1<\/a>\n<ul class=\"wp-block-list\">\n<li>Review the settings.\u200b<\/li>\n\n\n\n<li>Set the rule to\u00a0<strong>Enforce<\/strong>.\u200b<a href=\"https:\/\/lazyadmin.nl\/office-365\/whitelist-domain-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Answers+2LazyAdmin+2CloudInfra+2<\/a><\/li>\n\n\n\n<li>Click\u00a0<strong>Finish<\/strong>\u00a0to activate the rule.\u200b<a href=\"https:\/\/cloudinfra.net\/bypass-spam-filtering-in-microsoft-365-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Learn+4CloudInfra+4LazyAdmin+4<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p>This approach is preferred as it allows for granular control and can incorporate additional security checks to ensure the legitimacy of the sender.&nbsp;\u200b<a href=\"https:\/\/activedirectorypro.com\/whitelist-a-domain-in-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Active Directory Pro<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u26a0\ufe0f Alternative Method: Use the Tenant Allow\/Block List<\/h2>\n\n\n\n<p>This method involves adding domains to the Tenant Allow\/Block List to permit emails from those domains.\u200b<a href=\"https:\/\/learn.microsoft.com\/en-us\/defender-office-365\/tenant-allow-block-list-email-spoof-configure?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">CloudInfra+2Microsoft Learn+2Microsoft Learn+2<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Steps:<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Access the Microsoft 365 Defender Portal<\/strong>:\u200b<a href=\"https:\/\/cloudinfra.net\/bypass-spam-filtering-in-microsoft-365-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Answers+4CloudInfra+4Alitajran+4<\/a>\n<ul class=\"wp-block-list\">\n<li>Navigate to\u00a0<a href=\"https:\/\/security.microsoft.com\/\">Microsoft 365 Defender<\/a>.\u200b<a href=\"https:\/\/learn.microsoft.com\/en-us\/defender-office-365\/anti-spam-policies-configure?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Learn<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Navigate to Tenant Allow\/Block Lists<\/strong>:\u200b<a href=\"https:\/\/learn.microsoft.com\/en-us\/defender-office-365\/tenant-allow-block-list-email-spoof-configure?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Alitajran+4Microsoft Learn+4CloudInfra+4<\/a>\n<ul class=\"wp-block-list\">\n<li>Go to\u00a0<strong>Email &amp; collaboration<\/strong>\u00a0>\u00a0<strong>Policies &amp; rules<\/strong>\u00a0>\u00a0<strong>Threat policies<\/strong>\u00a0>\u00a0<strong>Tenant Allow\/Block Lists<\/strong>.\u200b<a href=\"https:\/\/cloudinfra.net\/bypass-spam-filtering-in-microsoft-365-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">LazyAdmin+4CloudInfra+4Alitajran+4<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Add Domains to Allow List<\/strong>:\u200b<a href=\"https:\/\/www.alitajran.com\/allowlist-domain-microsoft-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Active Directory Pro+5Alitajran+5LazyAdmin+5<\/a>\n<ul class=\"wp-block-list\">\n<li>Under the\u00a0<strong>Domains &amp; addresses<\/strong>\u00a0tab, click\u00a0<strong>Add<\/strong>\u00a0>\u00a0<strong>Allow<\/strong>.\u200b<a href=\"https:\/\/learn.microsoft.com\/en-us\/defender-office-365\/tenant-allow-block-list-email-spoof-configure?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Learn+1Microsoft Learn+1<\/a><\/li>\n\n\n\n<li>Enter the domains you wish to allow.\u200b<a href=\"https:\/\/www.alitajran.com\/allowlist-domain-microsoft-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Learn+3Alitajran+3LazyAdmin+3<\/a><\/li>\n\n\n\n<li>Set the duration for which the allow entry should remain active.\u200b<a href=\"https:\/\/learn.microsoft.com\/en-us\/defender-office-365\/tenant-allow-block-list-email-spoof-configure?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Learn<\/a><\/li>\n\n\n\n<li>Click\u00a0<strong>Add<\/strong>\u00a0to confirm.\u200b<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p><strong>Note<\/strong>: This method should be used cautiously, as it may bypass certain security checks, potentially allowing malicious emails if the allowed domain is compromised.&nbsp;\u200b<a href=\"https:\/\/cloudinfra.net\/bypass-spam-filtering-in-microsoft-365-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">CloudInfra<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u26a0\ufe0f Less Recommended Method: Modify Anti-Spam Policies<\/h2>\n\n\n\n<p>Adjusting anti-spam policies to allow specific domains is generally not advised, as it can bypass multiple layers of security.\u200b<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Steps:<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Access the Microsoft 365 Defender Portal<\/strong>:\u200b\n<ul class=\"wp-block-list\">\n<li>Navigate to\u00a0<a href=\"https:\/\/security.microsoft.com\/\">Microsoft 365 Defender<\/a>.\u200b<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Navigate to Anti-Spam Policies<\/strong>:\u200b\n<ul class=\"wp-block-list\">\n<li>Go to\u00a0<strong>Email &amp; collaboration<\/strong>\u00a0>\u00a0<strong>Policies &amp; rules<\/strong>\u00a0>\u00a0<strong>Threat policies<\/strong>\u00a0>\u00a0<strong>Anti-spam<\/strong>.\u200b<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Edit Inbound Policy<\/strong>:\u200b<a href=\"https:\/\/learn.microsoft.com\/en-us\/defender-office-365\/anti-spam-policies-configure?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Alitajran+3Microsoft Learn+3LazyAdmin+3<\/a>\n<ul class=\"wp-block-list\">\n<li>Select the\u00a0<strong>Anti-spam inbound policy (Default)<\/strong>.\u200b<a href=\"https:\/\/cloudinfra.net\/bypass-spam-filtering-in-microsoft-365-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Answers+4CloudInfra+4Alitajran+4<\/a><\/li>\n\n\n\n<li>Scroll down to\u00a0<strong>Allowed and blocked senders and domains<\/strong>.\u200b<a href=\"https:\/\/www.alitajran.com\/allowlist-domain-microsoft-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Learn+4Alitajran+4CloudInfra+4<\/a><\/li>\n\n\n\n<li>Click\u00a0<strong>Edit allowed and blocked senders and domains<\/strong>.\u200b<a href=\"https:\/\/cloudinfra.net\/bypass-spam-filtering-in-microsoft-365-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Alitajran+2CloudInfra+2LazyAdmin+2<\/a><\/li>\n\n\n\n<li>Under\u00a0<strong>Allowed domains<\/strong>, add the domains you wish to permit.\u200b<\/li>\n\n\n\n<li>Click\u00a0<strong>Save<\/strong>\u00a0to apply changes.\u200b<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p><strong>Caution<\/strong>: This method is less secure and should be used only when necessary, as it may allow spoofed emails to bypass spam filters.&nbsp;\u200b<a href=\"https:\/\/lazyadmin.nl\/office-365\/whitelist-domain-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">LazyAdmin<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Summary<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Best Practice<\/strong>:\u00a0Use\u00a0<strong>Mail Flow Rules<\/strong>\u00a0for precise control and enhanced security.\u200b<a href=\"https:\/\/lazyadmin.nl\/office-365\/whitelist-domain-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Active Directory Pro+7LazyAdmin+7Microsoft Learn+7<\/a><\/li>\n\n\n\n<li><strong>Alternative<\/strong>:\u00a0Employ the\u00a0<strong>Tenant Allow\/Block List<\/strong>\u00a0for temporary allowances.\u200b<a href=\"https:\/\/cloudinfra.net\/bypass-spam-filtering-in-microsoft-365-office-365\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Learn+3CloudInfra+3Microsoft Learn+3<\/a><\/li>\n\n\n\n<li><strong>Least Recommended<\/strong>:\u00a0Modify\u00a0<strong>Anti-Spam Policies<\/strong>\u00a0only when other methods are unsuitable.\u200b<\/li>\n<\/ul>\n\n\n\n<p>Implementing these methods carefully will help ensure that legitimate emails from trusted domains are delivered without being marked as spam.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u2705 Recommended Method: Create a Mail Flow Rule (Transport Rule) This method allows you to define specific conditions under which emails from certain domains bypass spam filtering.\u200bCloudInfra Steps: This approach is preferred as it allows for granular control and can incorporate additional security checks to ensure the legitimacy of the sender.&nbsp;\u200bActive Directory Pro \u26a0\ufe0f Alternative [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[127,98,117],"tags":[],"class_list":["post-1812","post","type-post","status-publish","format-standard","hentry","category-email-and-mx","category-it-knowledge-base-articles","category-ms365","post-preview"],"_links":{"self":[{"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=\/wp\/v2\/posts\/1812","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1812"}],"version-history":[{"count":1,"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=\/wp\/v2\/posts\/1812\/revisions"}],"predecessor-version":[{"id":1813,"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=\/wp\/v2\/posts\/1812\/revisions\/1813"}],"wp:attachment":[{"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1812"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1812"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ultrexstaff.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1812"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}