VIPRE Security Knowledge

PhishProof: Microsoft 365 Bypass Rules & Enhanced Filtering

Super Administrator

Written By Marissa Fegan (Super Administrator)

Updated at February 19th, 2026

Table of Contents

Bypass Link and Attachment Processing in Microsoft 365 Enhanced Filtering

Creating Mail Flow rules in Microsoft 365 to bypass rules and enhanced filtering ensures that "Safe Links" and "Safe Attachments" do not interfere with your phishing tests or cause false-positive results.

The following steps assume you are already logged in to your Exchange Admin Center.

  1. Create a new mail flow rule and name your rule something that makes sense to your organization
    • Examples: Bypass Links, Bypass Attachments, or PhishProof Bypass
  2. Click More Options
  3. From the Apply this rule if…. drop-down menu, select The sender, then IP address is in any of these ranges or exactly matches
  4. Enter the following IP addresses:
    • 69.72.47.208
    • 69.72.47.209
    • 69.72.47.21
    • 69.72.47.210
    • 69.72.47.211
    • 69.72.47.3
    • 69.72.47.30
    • 69.72.47.31
    • 69.72.47.56
    • 159.135.234.148
  5. From the Do the following… drop-down menu, select Modify the message properties
  6. Set a message header
    1. If bypassing links: click the first *Enter text... link and set the message header to X-MS-Exchange-Organization-SkipSafeLinksProcessing
    2. If bypassing attachments: click the first *Enter text... link and set the message header to X-MS-Exchange-Organization-SkipSafeAttachmentProcessing
  7. Set the Priority to 1 to ensure it runs before other security rules
  8. Click Save

 

Enhanced Filtering

Whether your organization uses VIPRE Email Security or a third-party email security gateway before emails reach Microsoft 365, you must enable Enhanced Filtering. This ensures Microsoft recognizes the original sender IP rather than just the IP of your filter.

The following steps assume you are already logged in to your Microsoft 365 administrator portal.

  1. Navigate to the Security & Compliance Center 
  2. Go to Threat Management
  3. Manage Anti-Spam Policies: 
    1. Under Policy, select Anti-spam policy
    2. Edit the Default Policy:
    3. Edit the default anti-spam policy or create a new custom policy
  4. Enhanced Filtering Settings:
    1. Within the anti-spam policy settings, look for options related to enhanced filtering
    2. Ensure that External email filtering is enabled. Configure any additional settings as required for enhanced filtering

Configuration complete: Microsoft ATP link/attachment processing and enhanced filtering bypasses are now active.

Related Articles

PhishProof Prerequisites

To ensure our simulated phishing campaigns and training notifications successfull...

PhishProof: Direct-to-Inbox

Ensure delivery of your phishing tests with PhishProof Direct-to-Inbox ( DTI ). B...

PhishProof Campaigns

Inspired eLearning's PhishProof campaigns are a powerful tool designed to enhance...

PhishHook Add-In

To ensure users report suspicious emails to the proper team, PhishProof offers th...