Create an SCL -1 Rule in Microsoft for Shield Domains

Description

How to Create the Shield Bypass Spam Filtering Rule

Video

Step-by-Step

1. Go to Exchange Admin Center > Mail flow > Rules and click on + Add a rule.

2. Fill out the rule:

• Name: Shield - Bypass Spam Filtering
• Apply this rule:
  • If the sender > IP Address is in any one of these ranges or exactly matches:
    • 3.135.43.190
    • 3.133.222.181
    • 18.189.152.83
    • 3.13.18.50
    • 3.21.178.168
    • 3.129.146.181
    • 13.58.249.20
    • 3.128.208.182
• Do the following:
  • Modify the message properties > set the spam confidence level (SCL):
    • Bypass spam filtering
• Click Next > Next.
• Review the rule to ensure it is correctly configured, then click Finish > Done.

3. Enable the rule:

• Click the rule's name to select it then click the toggle to change from Disable to Enable.
• Wait until Updating the rule status, please wait… changes to Rule status updated successfully.

NOTE: The priority of the rule usually does not need to be changed. However, if there is a conflicting transport rule in the M365 tenant to quarantine, reject, or set an elevated SCL, then the priority of the Mailprotector bypass rule should be set to 0. 

Exception

In rare cases a High-Confidence phishing message may be detected by Microsoft. It is very likely a legitimate phishing attempt, and it will be quarantined by Microsoft regardless of the bypass rule. 

Getting Help

For more information about creating SCL rules please visit Microsoft. If you need assistance with creating the transport rule, please contact the Partner Success team.

Updated April 04, 2025 20:17