Methods to Whitelist a Domain in Office 365

Megha Chouhan
Megha Chouhan linkedin | Published On - January 24, 2023 |

Read time: 6 minutes

Whitelist is an allowed list of email addresses, IP addresses, domain names, or applications using a cybersecurity strategy. It safeguards our system from harmful threats that can disrupt local networks or the internet. It is created using a strict policy set and access permission by the IT admin.

Often, emails from our client or partner get landed in the spam folder because, due to any filter or mistake, they get blacklisted, so that specific domain emails are marked as spam. Another reason emails get spam is that they can be sent from unknown sources, the lead to neglecting the SPF or DMARC check. Therefore, to avoid such a mistake, we need to add a specific domain and all email addresses based on it to the whitelist.

Exchange Online’s whitelist is an exception to the security configuration that was put in place and was defeated by the program’s anti-spam mechanisms.
There are instances in Office 365 where you might want to whitelist emails:

  • Whitelist the whole domain in Exchange Online to bypass spam filtering for your customer or partner. By mistake, blacklists or filters classify emails from this domain as spam (false-positive). In this situation, you can add a certain domain and any associated email addresses to the whitelisted exceptions.
  • Multiple online services that send emails on your behalf, such as Mailchimp, ConverKit, GetResponse, ActiveCampaign, and others, should be whitelisted in Exchange Online. These services send emails to your readers or clients using your email account. Due to the fact that these services are utilising your email address while sending you emails, they can be identified as a potential danger. To ensure that emails from Mailchimp and other email providers do not end up in your Junk folder, you must add them to your whitelist.

How to Whitelist a Domain using Mail flow rules in Microsoft 365

  • Go to the Exchange Admin Center and expand Mail Flow.
  • Now select Rules and click on the plus iconselect Rules
  • Here, choose Bypass Spam Filtering.Bypass Spam Filtering
  • Now enter the name for the rule, and Under Apply this rule if select Sender, and in the next column, choose Domain is from the drop-down list.select Sender
  • Here user can also opt for some additional conditions-
  • If the user wants to filter the emails based on Words in the Subject, they can go for this-
    The Subject or Body and next Subject include any of these words
    If a user wants to prevent spoofing of an allowed domain, they can go for this
    A Message header and next includes any of these words.
    Now under “Enter text” and dmarc=pass under “Enter words….” Add Authentication-Results

  • Now go to the Add Action and select Set a message header
  • Here put the header to X-ETR and the value to Bypass spam filtering for the Domain.put the header

  • Set the Rule Setting and click on the Next buttonBypass spam filtering for the Domain
  • Finally, Review And Finish.click on the Next butto
Whitelist Domain using Microsoft 365 Defender

Here we will use the Microsoft 365 Defender, where Domain will bypass spam protection and sender authentication to whitelist a domain-

  • In Microsoft 365 Defender, go to the Policies & Rulesgo to the Policies
  • Now select Threat Policies and Open the Anti-Spam PoliciesOpen the Anti-Spam Policies
  • Select the Anti-spam inbound policy
  • Now, scroll down and click on Edit allowed and blocked senders and domainsclick on <Edit allowed and blocked senders and domains
  • Now click on Allow domains and add the domains add the domains
  • Click on the Save button to save the changes.

Whitelist a domain is a good idea to avoid your important messages getting spammed. But sometimes, even after using this, the messages used get spam, and we don’t get aware of this, so the best way to keep your important data intact with yourself by having a backup copy of that files. To backup your email messages and attachment, we recommend going for a professional tool, i.e., Kernel Office 365 Backup & Restore. It’s used backup an entire mailbox; one can use the free trial version to understand its usage. This tool is coded to ease your backup task in 4 simple steps.

Summing up

Now you must have learned how to whitelist Domain in Office 365. you can check the steps to the whitelist email address in office 365 and more articles of mine that could help you to develop an understanding of Exchange Online, Microsoft Outlook, Microsoft Teams, and SharePoint Online.