MS 365 Whitelist a Domain using EAC , Exchange Admin Center

How to Whitelist an entire Domain in Exchange Admin Center.

  1. Open the Exchange Admin Center. 
  2. Click on the Mail Flow drop down and select Rules. 
  3. Add a new rule for Bypass Spam Filtering. 
  4. From the Apply this rule if… drop down, select the sender… domain is. 
  5. Type the domain in the Specify Domain flyout window and click the Plus button to add the domain to your policy.  
  6. Add additional domains here or click Ok to exit the flyout window.  
  7. In the Do the following… field, Set the spam confidence level (SCL) to Bypass Spam Filtering should automatically be selected.  
  8. Set the SCL to  -1  This sets it to bypass all spam filtering
  9. Click Save to apply the policy.  

Whitelisting an entire domain can leave your organization vulnerable to threats from accounts that spoof the allowed domain. To mitigate some of this risk, we recommend adding an additional condition that checks if the message was sent from the domain’s registered servers: 

  1. Click the Add Condition button under the Apply this rule if… header. 
  2. From the drop-down, select A message header… > includes any of these words. 
  3. Click the Enter text… hyperlink and specify the header name as Authentication-Results 
  4. Then select the Enter words… hyperlink and add dmarc=pass and dmarc=bestguesspass to the Specify words or phrases list as separate entries.  
  5. Click Ok to exit the flyout window and save your phrases.  
  6. Click the Save button to save your rule.