With changes in M365, specifically around Secure by Default, simulation emails from KB4 may be quarantined by M365. The guide below creates a bypass to ensure these simulation emails are not quarantined and are processed by INKY.
Useful Links:
\uD83D\uDCD8 Instructions
Navigate to https://app.inkyphishfence.com/settings/phishing-awareness-training
Set KnowBe4 as the Platform
Custom Banner - Neutral (we recommend neutral as it’ll mean you’re testing users on what if INKY misses the phish, but you can set Caution or Danger to force those banners as well).
Always Check: Do not attach raw messages to reports for simulated phishing messages to ensure that reported messages aren’t rescanned and potentially cause click events.
Optionally, select the other options as needed (Note: leaving the email notification address blank will not send an email to anyone)
Navigate to https://security.microsoft.com/advanceddelivery?viewid=PhishingSimulation
Add KB4 IPs and the below INKY IPs. After adding the IPs, your Advanced Delivery should look similar to the below screenshot:
INKY IPs:
3.231.237.226, 100.24.129.5, 3.132.108.44, 3.132.222.232, 100.21.157.149, 34.210.15.192KnowBe4 US, CA, UK, and DE IPs:
147.160.167.0/26, 23.21.109.197, 23.21.109.212OR…KnowBe4 EU IPs:
147.160.167.0/26, 52.49.201.246, 52.49.235.189, 23.21.109.197, 23.21.109.212
You’ll also want to make sure your KnowBe4 DKIM Domains need to be listed on the above page and ensure DKIM is turned on within KnowBe4 here: https://training.knowbe4.com/ui/account/info#phishing
