Thank you for posting your query on Microsoft Q&A, from above description I could understand that you have created an attack simulation path test for your environment but suspect that the URL were accessed by Threat policies/safe links. Now you are looking for a way to whitelist/exclude the simulation mails from Threat policies.
Please do correct me if you find the above described ask is not understood well.
Kindly follow the given steps to exclude the simulation mails from being scanned by safe links:
- Within Attack simulation training settings > Payload, once you click on the selected payload you would be able to find the sender of the simulated email, PFB example:
- Now Navigate to Policies & rules > Threat policies > Preset Security Policies > Strict protection > Manage Protection settings > Impersonation protection > Trusted senders and domains and
Add trusted email addresses and domains to not flag as impersonation.
Email messages from these senders will not be flagged as impersonation.
Thanks,
Akshay Kaushik
Please "Accept the answer (opting Yes under "Helpful")" and "share your feedback ". This will help us and others in the community as well.