Create a transportrule in Office 365 with powershell to bypass the spamfilter (Mailchimp example)

Office 365 has a nice feature which is DKIM+SPF and DMARC. The problem is it’s poorly documented, leaves a lot of questions and noone want’s to be the guinea-pig….

In this example I will create a Transport rule to allow all Mailchimp servers to bypass the spamfilter. Not best practice, but the problem is that alot of customers miss legitimate mail from providers like Mailchimp (or any other mailingservice).

You can add your own email servers/domains to the CSV file and it will work the same.

Biggest mystery is: Why do some users get the email and some other don’t? Even if the SPF is correct and so on? I can only guess it has to do with the amount of spam the user/company receives and the EOP gets more “aggressive”. I found this to be true on those accounts that had problems.

So sometimes – you just godda do it quick and dirty…

Here’s a powershell script to run against a CSV with safe domains and allow all emails to bypass the spamfilter that come from a certain domain.

Warning: I really recommend to setup things properly and not just open up the spamfilter for all the domains.

Setup the SPF + DKIM and DMARC properly if you can.

With that said – there are sometimes legitimate uses to this procedure (such as the provider not supporting DKIM). I’ll do a post with step by step on how to set it up properly once I get some answers from Microsoft.

Until then – Quick and dirty.

First: 

  • Create an empty file called Script_Safedomains.ps1
  • Add a seperate CSV file in the same folder as the script – called “SafeDomains.csv” (without the “).

If you want to allow all the mailchimp servers through Office 365 you will need to add the following servers to the CSV file:

mandrillapp.com
mailchimp.com
mcsignup.com
mcsv.net
mcdlv.net
rsgsv.net
tinyletterapp.com

  • Paste the Powershell script below in the Script_Safedomains.ps1 you just created.
  • run the script (Use Powershell ISE or rightclick, run as admin)

This script will do the following:

  • Ask for a Username/Password for an adminaccount.
  • Create a new transport rule in Exchange online which is called SafeDomains
  • Will populate SafeDomains with domains that you saved in a CSV file.
  • Will show you the domains that was added to the list
  • Will disconnect all PSSessions.

Enjoy!

Credits/Original post on:

https://blogs.technet.microsoft.com/eopfieldnotes/2014/08/15/importing-safe-and-block-lists-with-powershell/

 

 

Want to know more about me? If you want to ask anything, feel free to add me on Linkedin. This place is just for me to offload my notes - hope you find it useful.