Once Security Awareness training is enabled on your Proofpoint account, this can be set up for O365 by completing the following tasks:

  1. Update your domain's SPF record to allow sending IP addresses
  2. Create mail flow rule to allow phishing simulation emails
  3. Configure Advanced Delivery policy

Update SPF Record

In your domain's DNS zone, add the following IP addresses to your SPF record depending on your region:

  • US: and
  • EU: and

Create Mail Flow Rule

In the O365 Exchange Admin Center under Mail Flow > Rules (https://admin.exchange.microsoft.com/#/transportrules), create the following rule:

  • Apply this rule if
    • The sender > IP address is in any of these ranges or exactly matches
  • Do the following
    • Modify the message properties > set the spam confidence level (SCL)
      • -1 or "Bypass spam filtering"
    • Modify the message properties > set a message header
      • Set the message header X-MS-Exchange-Organization-SkipSafeLinksProcessing to the value 1

Configuring Advanced Delivery Policy

To prevent Microsoft from erroneously generating informational alerts on Proofpoint's phishing simulation emails, an advanced delivery policy can be implemented in O365. This can be completed through the following steps:

  • Under Domain, add the following:
    • securityeducation.com
  • Under Sending IP, add the following items depending on your region:
    • US: and
    • EU: and
  • When finished, click Save at the bottom of the page