Skip to main content
News! Click here
Sign in
Deutsch Español Français Italiano

2. Creating Transport Rules (Exchange Online)

  • Updated

Transport Rules, also known as mail flow rules, are configurations that can be managed within Exchange Online, an integral part of Microsoft 365. These rules allow IT administrators to control and customize the flow of email by applying conditions, actions, and exceptions to efficiently manage the circulation of messages within the organization.

The rule uses a dual security condition (Sender IP AND custom header), ensuring that the bypass is triggered exclusively for emails sent from the Cyber Guru infrastructure.

 

Prerequisites

  • Access to the Microsoft Exchange Online Admin Console
  • Name and value of the Cyber Guru custom header
WHERE TO FIND THE CUSTOM HEADER
The custom header is available on the platform in the section:
"HELP > Support - Knowledge > Click here to download whitelisting additional informations"

Step-by-step procedure

1. Log in to the Microsoft Admin Console

2. Go to "Mail flow > Rules"

3. Select "+ Add a rule > Create a new rule".

4. Set the name and first condition (Sender IP)

  • Enter "Cyber Guru" as the rule name in the "Name" field
  • In the "Apply this rule if" section:
    • In the first field, select "The sender"
    • In the second field, select "IP address of the sender is in the range"
    • Click "Enter word" and enter the IP address 85.235.135.191 (dedicated to phishing simulations)
    • Click "Add" and then "Save"

5. Add the second condition (custom header)

Click the "+" icon to add another condition:

  • In the first field, select "Message header"
  • In the second field, select "includes any of these words"
  • Click "Enter text" and enter the header name, then click "Save" (The header name is available on the platform in the section: "HELP > Support - Knowledge > Click here to download whitelisting additional informations")
  • Click "Enter words" and enter the header value, then click "Add" and finally "Save" (The header value is available on the platform in the section: "HELP > Support - Knowledge > Click here to download whitelisting additional informations")

6. In the “Do the following” section:

  • In the first field, select the option “Modify the message properties"
  • In the second field, select the option "Set the message header
  • Click "Enter text" and enter "X-MS-Exchange-Organization-SkipSafeLinksProcessing" and click "Save"
  • Click "Enter text" and enter "1" and click "Save"

7. In the "And" section, click the "+" icon to add another action

  • In the first field, select "Modify the message properties"
  • In the second field, select "Set the spam confidence level" and set it to "Bypass spam filtering" (a confidence level of -1 will appear)
  • Click "Save"

7. Complete the rule creation

Click "Next".

8. Configure the rule settings

  • Enable the checkbox "Stop processing more rules"
  • Leave all other settings as default
  • Click "Next"

9. Review and confirm

On the summary screen, click "Finish".

10. Set the rule priority

  • Click on the name of the rule you just created
  • Click "Edit Rule Settings" at the top right
  • Set the "Priority" to "0"
  • Click "Save"

11. Activate the rule

  • Click the rule name again
  • Enable the toggle in the "Enable or disable rule" section
  • Wait for the confirmation message: "The rule status has been successfully updated"

 

Related articles