Microsoft 365 uses the Safe Links feature to automatically check links in emails and display warnings to users on links that can't be verified as genuine.

To avoid having M365 display warnings on your simulated phishing links, you can set up a Bypass rule in your Exchange ATP settings.

Note: You will need to first add a header to your usecure emails through the platform settings. If you have not already done so, follow these instructions to add a header.

1. Open the Exchange Admin Center

2. Go to Mail Flow -> Rules

3. Click on + Add a rule and select Create a new rule

4. In the New transport rule window on the Set rule conditions page, under Name enter a unique descriptive name for the rule.

5. Under Apply this rule if... select The message headers... > includes any of these words

6. Click Enter text and enter the header name you set in the system. Click Save.

7. Click Enter words, and enter the header value you set in the system.

Enter the header value into the field and click Add to add it to the list.

8. Click Save to update the condition

9. Under Do the following select Modify the message properties > set a message header

10. Click the first Enter text link and enter the below in the “message header” field.

Then click Save.

11. Click the second Enter text link and enter “1” in the “header value” field and then click Save.

12. Review your rule to ensure it is correct, clicking on Next to review the Set rule settings and Review and finish pages.

14. Click Finish to finish creating your mail flow rule.