Trust-listing is an important facility for the successful implementation and usage of the Cyber Risk Aware Platform. All clients of the Cyber Risk Aware platform MUST trust-list our mail server to allow the successful delivery of Mock Phishing and Training emails. 


This is a requirement for all mail service providers.


Note: These instructions cover Outlook 365. Other mail server instructions can be made available upon request.


To successfully trust-list our mail server, you must carry out the following four tasks.


Step 1 - Add Cyber Risk Aware Mail server to your allowed mail list

Step 2 - Allow Cyber Risk Aware mail to bypass your spam filter - SENDER IPs

Step 3 - Allow Cyber Risk Aware mail to bypass your spam filter - SENDER DOMAINs

Step 4 - Allow Cyber Risk Aware mail to bypass your spam filter - DMARC & Message Header X-ETR





Step 1 - Add Cyber Risk Aware Mail server to your allowed mail list



  • Log on to the Microsoft 365 admin center
  • Expand the "…Show All" option on the left-hand menu
  • Click on "Security" in the left-hand menu
  • Click on "Policies & Rules"
  • Click on "Threat policies"
  • Click on the Anti-Spam link under Policies.
  • You are now in your Office 365 Anti-Spam settings.
  • Click on Connection filter policy (Default).
  • You will see a side window open titled "Connection Filter Policy (Default)".
    Click on the Edit Description link and give the policy a suitable name / description (e.g. CRA / SafeTitan trust-listed IPs or similar).
  • Then click on the Edit connection filter policy link under Connection Filtering.
  • Please add the following IP addresses (192.254.120.51 and 168.245.104.162) into the box labelled "Always allow messages from the following IP addresses or address range".
    Please enter one at a time and then hit the TAB key to save, which will then allow you to add the next one (of two).
  • Finally, click Save, then Close.




Step 2 - Allow Cyber Risk Aware mail to bypass your spam filter - SENDER IPs

  • Log on to the admin portal on your mail server.
  • Select the Admin menu item.
  • You will now be in the Microsoft 365 admin centre.
  • Please expand the “… Show all” section.
  • Select / Click on the Exchange sub-menu item.
  • You are now in your Office 365 Exchange admin centre Dashboard.

  • Look for the "mail flow" section on your dashboard and select / click.
  • You should now be in the rules Section of your Exchange admin centre.
  • Select the plus symbol (underneath rules) and select "Bypass Spam Filtering"
  • Give the rule a suitable name by typing it into the Name: field (e.g. CRA Spam Filter Rule).
  • Click on the *Apply this rule if... dropdown and then select "The Sender...".
  • You will see a pop out list - please then select the "IP address is in any of these ranges or exactly matches" sub item.
  • A pop-up window will appear titled "specify IP address ranges".
  • Please add the following IP addresses "168.245.104.162" & "192.254.120.51" for this rule by entering them one at a time in the textbox and clicking the plus icon. When both are added, click on the OK button.
  • You will now see that the IPs have been added.

  • The next thing to do is to click on the Add Action button that appears underneath this.
  • From the resultant dropdown menu titled Select one, select Modify the message properties... and finally set a message header.
  • You will need to click on both instances of 'Enter Text' to set the Message Header and value properties. These appear to the right of the dropdown labelled Set the message header to this value...
  • Click on the first instance of Enter Text to set the Message Header. Please enter this exact text noting that it is case sensitive:
    X-MS-Exchange-Organization-BypassClutter
  • Click OK.
  • Then click on the second instance of Enter Text to set the Header value. Please enter this exact text noting that it is case sensitive:
    true
  • Click OK.
  • Click on "Save".


Step 3 - Allow Cyber Risk Aware mail to bypass your spam filter - SENDER DOMAINs

  • From the Exchange admin centre, select mail flow
  • Click the (+) button beneath Rules
  • Select Bypass spam filtering...
  • Give the rule a name, such as "CRA Spam Filter Rule with domains"
  • Click the Apply this rule if... drop-down menu and select The Sender, then select domain is...
  • Enter all of our domains (listed below), clicking the + sign after each entry, then click OK




  • Note that the section titled *Do the following..., with the dropdown option Set the spam confidence level (SCL) to..., requires another rule. As we can't create it directly on this screen, we will address it below.
  • Click Save.


 

  • Lastly, we must set our Spam Confidence Level (SCL) rule up. This was the step we bypassed above.
  • Please return to your Microsoft 365 Admin Centre and click on Exchange and then mail flow as we did at the start of Step 2 (above).
  • Click on rules, the plus icon and then Create a new rule...
  • Give the rule a suitable name, e.g. CRA Spam Confidence Level (SCL), and click on the More options... link that appears towards the bottom of this pop-up window.
  • From the *Apply this rule if... dropdown select The sender is... then IP address is in any of these ranges or exactly matches.
  • Please add the following IP addresses "168.245.104.162" & "192.254.120.51" for this rule by entering them one at a time in the box and clicking the plus icon. When both are added, click on the OK button.
  • You will see that the IPs have been added.
  • Click on the dropdown labelled *Do the following... (Select One), then click Modify the message properties... and then set the spam confidence level (SCL).
  • Click on the dropdown under specify SCL and select Bypass spam filtering.
  • Click OK.

Finally, click Save.



Step 4 - Allow Cyber Risk Aware mail to bypass your spam filter - DMARC & Message Header X-ETR


These instructions essentially follow the Microsoft instructions here (starting with the heading "(Recommended) Use mail flow rules" and ending just before "Use Outlook Safe Senders").

Use the same IP addresses and domains listed above.

  • From the Exchange admin centre, select mail flow
  • Click the (+) button beneath Rules
  • Select Bypass spam filtering...
  • Give the rule a name, such as "DMARC Skip filtering for all 21 CRA domains"

  • From the Apply this rule if... dropdown select The Sender... then domain is, and you will see a pop-up box entitled specify domain.
  • Add all 21 Cyber Risk Aware domains below, one at a time. Each time you type in or paste a domain, click on the plus icon to add it.



  • Once all 21 domains are added, click the OK button.

  • Click the Add condition button
  • From the Select One dropdown, select The Sender... then is external/internal. In the select sender location dialog that appears, select Outside the organization.
  • Click the OK button.

  • Click the Add condition button.
  • From the new Select one dropdown, click on A message header... then includes any of these words
  • You will see two clickable links to the right of this dialog - Enter text... and Enter words...
  • When you click Enter text... you will see a text entry box titled "specify header name"
  • Enter Authentication-Results

  • Then click on Enter words... and you will see a text entry box titled "specify words and phrases"
  • Enter the value dmarc=pass and click the plus icon
  • Enter the value dmarc=bestguesspass and click the plus icon 
  • Click the OK button


  • Click the Add condition button
  • From the Select One dropdown, select The Sender... then IP address is in any of these ranges or exactly matches
  • You will see a clickable Enter IPv4 or IPv6 addresses... link:
  • Please add the following IP addresses "168.245.104.162" & "192.254.120.51" for this rule by entering them one at a time in the textbox and clicking the plus icon. When both are added, click on the OK button.

  • Click the *Do the following... button
  • From the Select One dropdown, select Modify the message properties... then set the Spam Confidence Level (SCL) to Bypass spam filtering
  • Click OK

  • Click the Add action button
  • From the Select One dropdown, select Modify the message properties... then Set a Message header
  • Click on the first "Enter text..." label and enter X-ETR
  • Click OK

  • Click on the second "Enter text..." label and enter Bypass spam filtering for authenticated CRA Domains (21)
    (or whatever you wish)

  • Finally, click Save. Your results should look something like the following: 




Congratulations. You are now ready to create your first Cyber Risk Aware security evaluation and Training email Campaigns.
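
For administrators who prefer to script the change, the rules from Steps 1 to 4 can also be expressed in Exchange Online PowerShell. This is an added example, not a script supplied by Cyber Risk Aware or Microsoft; the domain entry is a placeholder to be replaced with the domain list supplied to you, and the rule names are the example names used in the steps above.

```powershell
# Added example; not Cyber Risk Aware's or Microsoft's own script.
# Requires the ExchangeOnlineManagement module and an Exchange administrator role.
Connect-ExchangeOnline

$CraIps = '192.254.120.51', '168.245.104.162'        # sender IPs given on this page
$CraDomains = @('cra-domain-placeholder.example')    # PLACEHOLDER: use the domains supplied by Cyber Risk Aware

# Step 1: add the sender IPs to the default connection filter allow list.
Set-HostedConnectionFilterPolicy -Identity Default -IPAllowList @{ Add = $CraIps }

# Step 2: bypass spam filtering (SCL -1) for the sender IPs and set the clutter-bypass header.
New-TransportRule -Name 'CRA Spam Filter Rule' -SenderIpRanges $CraIps -SetSCL -1 `
    -SetHeaderName 'X-MS-Exchange-Organization-BypassClutter' -SetHeaderValue 'true'

# Step 3: domain rule, then the separate SCL rule keyed on the sender IPs.
New-TransportRule -Name 'CRA Spam Filter Rule with domains' -SenderDomainIs $CraDomains -SetSCL -1
New-TransportRule -Name 'CRA Spam Confidence Level (SCL)' -SenderIpRanges $CraIps -SetSCL -1

# Step 4: every condition must match (domain AND external sender AND DMARC result AND IP).
$dmarcRule = @{
    Name                        = 'DMARC Skip filtering for all 21 CRA domains'
    SenderDomainIs              = $CraDomains
    FromScope                   = 'NotInOrganization'
    HeaderContainsMessageHeader = 'Authentication-Results'
    HeaderContainsWords         = 'dmarc=pass', 'dmarc=bestguesspass'
    SenderIpRanges              = $CraIps
    SetSCL                      = -1
    SetHeaderName               = 'X-ETR'
    SetHeaderValue              = 'Bypass spam filtering for authenticated CRA Domains (21)'
}
New-TransportRule @dmarcRule

# Read back what was created so the scope of each bypass can be reviewed.
(Get-HostedConnectionFilterPolicy -Identity Default).IPAllowList
Get-TransportRule |
    Where-Object { $_.Name -like 'CRA*' -or $_.Name -like 'DMARC Skip*' } |
    Format-List Name, State, SenderIpRanges, SenderDomainIs, FromScope, SetSCL, SetHeaderName
```

The read-back at the end is worth keeping in any change record: it shows exactly which IPs and domains are exempt from spam filtering in your tenant.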