M365 Configuration
Please double check the below list of IP Address and domains against the Wizer updated list here: Wizer IPs and Domains (wizer-training.com). Continue to follow the instructions below but ensure to include any additions found at the link above.
M365 Allow Listing
Initial configuration within Microsoft 365 makes use of Advanced Delivery settings to ensure simulation emails are delivered directly to your email without an issue, read more about Advanced Deliver: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/skip-filtering-phishing-simulations-sec-ops-mailboxes?view=o365-worldwide#use-the-microsoft-365-defender-portal-to-configure-third-party-phishing-simulations-in-the-advanced-delivery-policy.
Navigate to https://security.microsoft.com/advanceddelivery?viewid=PhishingSimulation
Select “Add” in the middle of the screen if there are currently no bypasses in place or “Edit” if available.
Add the following IP Addresses:
3.132.222.232 100.21.157.149 100.24.129.5 104.236.69.186 104.197.155.117 104.131.52.111 167.71.100.208 64.225.56.248 104.131.18.139
Add
phishtest.inkyphishfence.com
to the domain section, as well as…Add the following Wizer Domains:
ssuport.com supppot.com center-supports.com supoorts.com suporrt.com team-support.net supppot.net legal-user.com the-verification.com legals-team.com authenticatecenter.com ourlogin.co.uk mnminfo.com help-desc.com account-protector.com calendarsupdates.com appstatusupdate.com hr-updates.net itservicesector.com mailer-sender.com servicealerts.net status-pager.com nonreplies.com registerconfirmation.com altasian.net communitlyforums.com validation-service.net supplyservice.net shopping-card.net paymentserrvice.com online-store-service.com market-sales.net internal-service-updates.com infraupdates.com
The select “Add.”
If a third-party Secure Email Gateway (SEG) is the primary MX record for your team, you should continue to the following steps to ensure Microsoft can find the appropriate IP addresses.
We’ll make use of Enhanced Filtering for Connects, also known as Skip listing, within Microsoft to allow you to filter email based on the actual source of messages that arrive over the connector. Enhanced Filtering skips the source IP addresses of the connector and looks back in the routing path to determine the actual source of the incoming messages. Learn more at Enhanced Filtering for Connectors.
Navigate to https://security.microsoft.com/skiplisting
Select the appropriate inbound connector, in the example above I’ll choose “Secure Email Gateway Inbound Connector.”
Select the “Automatically detect and skip the last IP address” radial (recommended) or
Select the “Skip these IP addresses…” radial and input the exact IP addresses from your Inbound gateway if you know the exact IP addresses it always uses.
Finally Select “Apply to entire organization” then “Save”
(Optional) if you’d like to test with a small subset of users first you can select “Apply to small set of users” then select your users or groups and save but remember to apply to the entire organization when ready!