Setting Up Microsoft 365 Defender and Exchange Allow List

To allow Phishing Simulation to send your organization emails, configure Microsoft 365 Defender and Microsoft Exchange allow list settings.

Configure your Microsoft 365 Defender phishing simulation settings to allow Phishing Simulation to send your organization emails.
  1. In the Trend Vision One console, locate and copy the Phishing Simulation sending domains, sending IPs, and simulation URLs by going to Phishing Simulation Assessment > Step 3 Delivery > Settings.
  2. In the Microsoft 365 Defender portal, go to Email & collaboration > Policies & rules > Threat policies > Advanced delivery in the Rules section.
  3. On the Advanced delivery page, click the Phishing simulation tab and then click Add.
  4. In the Edit third-party phishing simulation panel that opens, configure the following settings.
    • Sending domain

    • Sending IP

    • (Optional) Simulation URLs

    Your organization should now be able to receive emails from Phishing Simulation. To verify email delivery, run a test phishing campaign.


The simulation URLs change over time. Check the list before launching a new campaign.

For more information on configuring Microsoft 365 Defender settings, see Use the Microsoft 365 Defender portal to configure third-party phishing simulations.


If your organization is still unable to receive Phishing Simulation emails, learn how to troubleshoot the Microsoft Defender and Exchange allow list.