Preparing Your Environment is built to test anti-malware controls, rather than reputation-based controls. To that end, we recommend that you allowlist the following domain in such a way that reputation-based checks are bypassed, for example anti-spam, but anti-malware controls are still applied.

The address to allowlist is, and all emails are sent from

Additionally, emails from to validate new mailboxes originate from It’s recommended that you add this email address to your allowlists too to prevent any delays in getting setup.


  • From your Microsoft 365 Defender portal, under Policies & Rules, navigate to Threat Policies and select Anti-spam. Direct link.
  • Select the Anti-spam inbound policy (Default) policy and then scroll to the bottom and click Edit allowed and blocked senders and domains
  • Under Senders, click Manage 0 sender(s) and then Add senders
  • Enter
  • Click Add senders and Done
  • You should have something that looks like this. Once you’re happy, click Save

Spam Allowlist

If emails are still being blocked, contact Support or join us in #support on Slack to get help.


  • Log in to your Mimecast Administration Console.
  • Click the Administration toolbar button.
  • Select the Gateway | Policies menu item.
  • Select Permitted Senders from the list of policies displayed.
  • Select the New Policy button.
  • Select the appropriate policy settings under the Options, Emails From, Emails To, and Validity sections.
  • In the Source IP Ranges field , enter
  • Save the policy