Configure Microsoft Outlook

Riot sends phishing e-mails. Therefore, without proper configuration, some of these e-mails would not pass Microsoft’s spam filter. This would be unfortunate because it would compromise your campaign statistics.

The following guide explains how to avoid this phenomenon, and to allow your campaigns to run smoothly.

Did you know? Unlike Riot, hackers would have no problem bypassing your spam filter by exploiting legitimate email servers, which Riot cannot afford to do.

1. Open Exchange admin

To whitelist Riot, you will need to add the IP address we use to send emails. Go to Exchange admin center and open  Mail flow > Rules.

Open Exchange admin center →

2. Create the bypass rule

Now click the + Add a rule > Create a new rule.

3. Whitelist the IP address

The IP address we will use to send our emails is This IP address is dedicated to Riot and won’t be used by any third parties.

First, start by naming the rule: the name doesn’t really matter, Call it "Riot bypass" for instance.

Then, you will need to apply this rule for the reserved IP address To do that, in the Apply this rule if… list, select The sender….

And then IP address is in any of these ranges or exactly matches.

Add IP and save.

4. Add an additional header

From time to time, some links sent by Riot might be flagged as suspicious. That’s why we suggest to add an additional header to prevent that from happening.

To do that, select Modify the message properties… and then set a message header.

Then on the right, call the property X-MS-Exchange-Organization-SkipSafeLinksProcessing.

Set the value to 1.

You’re all set now, so don’t forget to Save the rule.

5. Activate the Phishing simulation feature

Microsoft released recently an additional setting that makes it very easy to whitelist Riot emails. Go to the Advanced delivery options and click on Edit.

It will open a side panel. In there, you will have to enter both the domain name we use to send phishing emails and the IP address Finally, add the domains and and hosting our phishing pages.

Once added, click on Save

6. Modify the block/allow list

To fully allow emails sent from our sending IP, we need to add one last parameter, for this go to this page and click on Add.

This will open a side panel. You must enter the following information *, This allows all senders from Riot's sending IP to be authorized.

Once added, click on Add and here we go!

7. Add Riot phishing page URL to Safe Links

To avoid blocking our Riot phishing urls by Microsoft Defender, We need to add a configuration in Safe Links, go to this page and click on Create.

Once clicked, a page opens, you will have to pick a name for your safe links policy, eg. "Riot Safe links Policy"

Add the audience you want to send phishing emails to in the next section, It can be users, groups or domains.

Then, take some time to carefully follow those settings in the picture below 👇

Click on "Manage URLS" and add the urls in the picture below 👇

Then click "next" and choose default for notification.

Then click "next" and "finish".

8. Try it out

Now that you have configured Microsoft Outlook to receive Riot emails, go back to the platform and test the configuration.

Please note: the configuration may take a few minutes to propagate. If everything is well configured and you encounter a problem, wait 10 minutes and try again.