I'm running a phishing awareness campaign using Microsoft, and I've hit a wall. Creating templates is a pain because they're in base64, and then any content I send out gets blocked by the safe sender list. I've tried adjusting the SCL score to -1 and adding the email address to every exclusion list I could find, but it doesn't seem to make a difference. Is there anyone else dealing with this issue? Perhaps there's a workaround I've missed?
4 Answers
Have you tried making your content into a jpg? Sometimes that helps get past the filters!
I use Microsoft a lot for these kinds of campaigns, and it usually works. Just to clarify, when you mention the safe sender list, are you facing delivery issues, or do users just have to click 'Show blocked content' to see the images?
That's it, exactly!
To solve this, you'll want to head over to security.microsoft.com. From there, navigate to 'policies & rules', then find 'threat policies' and go to 'advanced delivery'. That should help you get your emails through!
Exactly this one right here!
Thanks, I'll check there first thing tomorrow!
I haven’t used Microsoft for this specifically, but generally, they often recommend adding certain domains to your safe sender list. It might be worth doing some research to find those domains.
Images are blocked too, unfortunately. Plus, I have to convert everything to base64 for the template.