For whitelisting ThreatCop in your Exchange 2013 and 2016 or Office 365 environment, you will have to whitelist ThreatCop’s IP addresses and set up a mail flow rule to allow incoming emails to bypass both the Clutter folder and Microsoft’s EOP spam filter. It may take 1-2 hours to reflect the new rules.
104.211.88.134
168.245.74.19
Step 1: Login to your mail server admin portal and go to Admin
Step 2: Click on Exchange on the left panel
Step 3: Click on Connection Filter option under the Protection section
Step 4: Click on the edit icon to edit the connection policy
Step 5: Click on Connection Filtering > + icon > Allowed IP Address > Add the following ThreatCop’s IP addresses one by one.
Step 6: Once done, click on Okay and Save
Step 1: From the Exchange Admin Centre, select Mail Flow on the left-hand menu
Step 2: Click on the + icon under the Rules section. Then, select Bypass Spam Filtering
Step 3: Click on the + icon and select The Sender. Then, select IP addresses is in any of these range or exactly matches
Step 4: Enter all ThreatCop’s IPs and click on OK
Step 5: Click on the Do the Following drop-down menu and select Modify the Message Properties. Then, click on Set a Message Header
Step 6: Click on *Enter text* to set the message header. Enter the following: “X-MS-Exchange-Organization-BypassClutter“
Step 7: Once entered, click OK
Step 8: Click on ‘to the value’ > *Enter text* > Enter “true” > Click on OK
Step 1: Select Bypass Spam Filtering
Step 2: Give the rule a name, for instance-“Junk Filtering”
Step 3: Click on Apply this rule if and select The Sender from the drop-down menu. Select IP address is in any of these ranges or exactly matches
Step 4: Enter all of ThreatCop’s IP addresses
Step 5: Click on the Do the following drop-down menu and click on Modify the message properties. Then, select Set a Message Header
Step 6: Click on the *Enter text* and enter the following text: “X-Forefront-Antispam-Report“. Then, click OK
Step 7: Click on ‘to the value’ > *Enter text* > Enter “SFV:SKI;”.
Step 8: Once done, click OK
Step 9: Under the Properties of this rule section, set the priority to directly follow the rule you created in the Bypassing Clutter and Spam Filtering section