Microsoft Active Threat Protection (ATP or Safelinks) Whitelisting

In order to ensure Curricula phishing emails are properly delivered, and your reporting is accurate, it may be necessary to create a mail flow rule to ensure Curricula emails are whitelisted by Microsoft's ATP. This will also make sure that phishing emails are not opened/clicked prior to their delivery.


  1. Create a new mail flow rule in your Exchange/Office Admin center
  2. Give the rule a name such as "Bypass ATP Links".
  3. Click More options....
  4. From the Apply this rule if…. drop-down menu, select The senders then select IP address is in any of these ranges or exactly matches. 
  5. Enter our IP address :
    18.205.140.116 (Phishing Server)
    168.245.36.66 (Training Server)
  6. From the Do the following… drop-down menu, select Modify the message properties... and then set a message header.
    • Click the first *Enter text... link and set the message header to:
      • X-MS-Exchange-Organization-SkipSafeLinksProcessing
    • Click the second *Enter text... link and set the value to: 1
    • Click Save.