Skip to content

Add the IP addresses, URLs, and domains

You must configure the advanced delivery settings in Microsoft 365 to add the Sophos Phish Threat IP addresses, URLs, and domains.

To configure the advanced delivery setting in Microsoft 365, do as follows:

  1. Sign in to Microsoft 365 admin center.
  2. Click Show all > Security.

    You're redirected to the Microsoft Defender portal.

  3. Click Email & collaboration > Policies & rules.

  4. On the Policies & rules page, click Threat policies.
  5. On the Rules section, click Advanced delivery.
  6. Click the Phishing simulation tab.
  7. Click Edit.
  8. Enter the Sophos Phish Threat IP addresses, URLs, and domains.

    For more information about the IP addresses, URLs, and domains that Phish Threat uses, see IP addresses, URLs, and domains.

  9. Click Save.

Note

Sophos Phish Threat campaign materials may be marked as High Confidence Phish. To resolve this, configure third-party phishing simulations in the advanced delivery policy. See Configure the advanced delivery policy for third-party phishing simulations and email delivery to SecOps mailboxes.