VIPRE Security Knowledge

PhishProof: Direct-to-Inbox

Super Administrator

Written By Marissa Fegan (Super Administrator)

Updated at September 12th, 2025

Table of Contents

Step 1: Configure Microsoft 365 for PhishProof Configure an Inbound Connector in Microsoft 365 Configure Mail Flow Rules Configure Connection Filter Policy for Phishing Simulations with VIPRE Integrated Email Security Step 2: Connect PhishProof to Microsoft 365 Steps 3 & 4: Test Connection and Enable Direct-to-Inbox

Ensure delivery of your phishing tests with PhishProof Direct-to-Inbox. By integrating directly with your Microsoft 365 environment, this feature bypasses traditional security email gateways, ensuring your simulated messages always reach their target for more effective training. 

PhishProof Direct-to-Inbox currently integrates only with Microsoft 365. 

VIPRE Recommends

For a seamless deployment, we recommend rolling out to a small pilot group of users before deploying to the entire organization.

Before you begin, if you have not already done so, please review the PhishProof Prerequisites. It is recommended to have them open in another browser window during this setup process.

 

To configure Direct-to-Inbox:

  1. From within iLMS, click PhishProof from the left menu
  2. Once PhishProof opens, hover over Settings in the left menu, and select Direct-to-Inbox

Step 1: Configure Microsoft 365 for PhishProof

To configure DTI, you must complete several processes within your Microsoft 365 environment, including configuring an inbound connector, mail flow rules, and a connection filter policy, which will allow PhishProof to bypass your email security.

Before starting, ensure you have administrative access to the Microsoft 365 Exchange Admin Center and Microsoft Defender.

Configure an Inbound Connector in Microsoft 365

Configuring an inbound connector in Microsoft 365 Exchange Admin Center streamlines email flow and enhances security for your organization's communication infrastructure. This process allows you to establish trusted connections with partner organizations and implement custom mail routing rules. 

  1. In a second browser tab, log in to the Microsoft 365 Exchange Admin Center
  2. Navigate to the Mail Flow > Connectors section
  3. Click Add Connector
Image A - Adding a connector in Microsoft 365
  1. Select Partner Organization in the connection type
  2. Provide a descriptive Connector Name
Image B - Connector name and description

 

  1. On the Authenticating sent email screen, select By verifying that the IP address of the sending server matches one of the following IP addresses, which belong to your partner organization
    1. In this case, we (VIPRE Security Group) are your partner organization
    2. Use the relevant IP addresses below based on your geographical location
Region/Access URL IP Address

Asia 

https://asia.inspiredlms.com/

 13.215.236.136

Europe 

https://europe.inspiredlms.com/

176.34.82.119

54.72.119.208

52.211.103.221

EMEA

https://emea.securityawarenesstraining.com/

34.253.128.215

54.72.119.208

52.211.103.221

North America

https://www.inspiredlms.com/

34.229.36.22

52.54.239.51

100.29.131.89

54.91.86.36

Partners

https://securityawarenesstraining.com/

54.156.131.219

52.54.239.51

100.29.131.89

54.91.86.36
Table A - DTI Email Service IP Addresses
  1. Click Next
  2. On the Security Restrictions screen, enable TLS security restrictions by selecting Reject email messages if they aren't sent over TLS, then click Next
  3. After reviewing the connector settings, click Create Connector at the bottom of the page

Configure Mail Flow Rules  

This section explains how to create a mail flow rule in Microsoft 365 to bypass spam filtering for emails sent from specific IP addresses. This rule works by setting the Spam Confidence Level (SCL) to -1, which prevents messages from trusted sources from being sent to the junk or spam folder.

  1. Assuming you're still logged in to the Microsoft 365 Exchange Admin Center (EAC), select Mail flow > Rules from the navigation menu
  2. Click +Add Rule, then select Create a new rule
  3. Enter a descriptive name for your rule
  4. Under Apply this rule if, select The sender, then choose IP address is in any of these ranges or exactly matches 
    Set Rule Conditions screen showing name of the rule, how to apply the rule, and when to execute the rule
    Image C - Configure Rule Conditions
  5. In the window that appears, enter the trusted IP addresses that you want to allow; these should match the IP addresses configured in your inbound connector, as shown above in Table A - DTI Email Service IP Addresses
  6. Click Save
  7. Under Do the following, select Modify the message properties, and then choose Set the spam confidence level (SCL)
  8. In the pop-up window, select Bypass spam filtering from the dropdown menu
    •  There is no need to change this from the default SCL value
  9. Click Save, then Next
    • Rule mode: Select Enforce 
      • This turns the rule on as soon as it's saved
    • Stop processing more rules: Check this box
      • This prevents subsequent rules from overriding this action and potentially marking the email as spam 
        Set Rule Settings screen in Microsoft 365 showing rule mode, severity, when to activate or deactivate.
        Image D - Rule Settings
  10. Click Next, review your settings, and then click Finish
  11. You will see a confirmation that the rule has been created; click Done
  12. On the Rules screen, click the checkbox next to your newly created rule and select Edit at the top
  13. Your rule details will appear; click the Settings tab and set Priority to 0
    • This ensures it's applied before any other filtering rules
  14. Click Save
  15. In the list of Rules, under the Status column, you can see if your rule is Enabled or Disabled
    1. If your rule is disabled, you can enable it by clicking Disabled to open the details pane and use the toggle to enable it
      • Allow a few moments for the rule to become fully active
Image E - Summary of Inbound Rule for PhishProof Emails
Image F - Enabling Mail Flow Rule for DTI Delivery

 

Configure Connection Filter Policy for Phishing Simulations with VIPRE Integrated Email Security

The following steps provide a straightforward method to configure Microsoft Defender to allow phishing simulation emails from VIPRE's PhishProof platform to be delivered directly to your users. This is achieved by whitelisting the PhishProof Direct-to-Inbox (DTI) IP addresses in your connection filter policy, ensuring your phishing simulations are both effective and uninterrupted.

Important

While these steps have been primarily tested with VIPRE Integrated Email Security, the same principle should be able to serve as a general guide for bypassing different Integrated Cloud Email Security (ICES) solutions. Always validate your configuration with your specific email security platform to ensure compatibility.

 
  1. Navigate to the Microsoft 365 Defender portal
  2. In the navigation pane on the left, expand the Email & collaboration, then select Policies & rules
  3. Choose Threat policies and then find and click on the Anti-spam card
  4. On the Anti-spam policies page, select Connection filter policy (Default)
  5. A details pane will slide out from the right; click the Edit connection filter policy button
  6. In the policy settings, find the section titled Always allow messages from the following IP addresses or address range; in the text box provided, enter all the appropriate regional DTI IP addresses from Table A above
    • Ensure you enter one IP address or IP range per line 
      Connection filter policy details showing where to add IP addresses to always allow messages
      Image G - Connection filter policy configuration for bypassing VIPRE IES

 

  1. Leave Turn on safe list unchecked
  2. Click Save at the bottom of the pane, then click Close to exit the policy editor

Step 2: Connect PhishProof to Microsoft 365 

After completing the steps above in Microsoft 365, select the tab where you have PhishProof open, and go to Step 2: Connect PhishProof to your Microsoft 365 Environment.

Direct-to-Inbox screen within PhishProof showing Step 2 to connect PhishProof to your organization's Microsoft 365 environment with details for domains, host URL, and port.
Image H - Configuring DTI in PhishProof Step 2
Field Description
Domain(s)

This field controls which of your organization's email domains will use Direct-to-Inbox delivery for phishing campaigns.

  • Option 1: Enable DTI for Everyone
    • To enable DTI for all users in your organization, leave this field blank
      • This will result in the system using DTI for every user, regardless of their email domain
  • Option 2: Enable DTI for Specific Users
    • To enable DTI for only select groups of users on specific email domains, enter those domains in this field
      • This will result in users with unlisted email domains using the standard SMTP delivery method
Host URL

This field is for your Microsoft 365 hostname. Use the steps below to locate it.

 

Before starting, ensure you have administrative access to the Microsoft 365 Admin Center.

 

Step 1: Access Your Domain Settings

  1. Log in to your Microsoft 365 Admin Center account
  2. Using the menu on the left, navigate to Settings, and then select Domains
  3. You will see a list of your domains; click on the one you need the hostname for

Step 2: Locate Your DNS Records

  1. On your domain's page, click on the DNS Records tab towards the top
  2. Select Manage DNS 
  3. You will be asked how you want to connect your domain; under the "Add your own DNS records" option, click on More options
  4. Verify that Add your own DNS records is selected and then click Continue

Step 3: Find Your Hostname

  1. Check the box for Exchange and Exchange Online Protection
  2. Click on the small arrow next to MX Records to open the drop-down menu
  3. Your hostname is listed in the Points to address or value column; copy this hostname and paste it into the Host URL field in PhishProof
  4. Close the page without saving
Port

The default port number is 25 unless an administrator has explicitly changed it.
Table B - Descriptions of DTI Configuration Fields

Steps 3 & 4: Test Connection and Enable Direct-to-Inbox

Under Step 3: Test your Connection, you can confirm your setup by sending a test email. This will verify that PhishProof can connect to your mail server and deliver messages directly to the target inbox.

  1. Enter your desired test email address in the text field and click Send Test Email
  2. If successful, you will see a green confirmation that says “Connection successful. A test email has been sent to the address above.”
    1. To verify this in your test Inbox, look for the email subject Test Email - Connection Verification
  3. Once that test has been successfully completed, select the toggle next to Enable Direct-to-Inbox and click Save
Image I - Test & Enable DTI from within PhishProof

Congratulations! Direct-to-Inbox has been successfully configured within PhishProof.

Related Articles

PhishProof Initial Setup

Read a PhishProof category below to expand and learn more. Timezone Setting the T...