If you use Microsoft 365 Defender Advanced Delivery this guide will make sure emails make it to the inbox.
The source of truth document on the Microsoft side is:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-advanced-delivery
That document is a bit complex, though, so the following steps can help point you in the right direction:
Configuring Advanced Delivery is done through the Microsoft 365 Defender Portal: https://security.microsoft.com
Advanced Delivery is located under “Policies & rules” → “Threat Policies” → Under the Rules Section → “Advanced Delivery”
From here, you’ll want to use the Phishing Simulation tab and configure domains and URLs listed in our:
Using Advanced Delivery can help with the following issues:
Safe Links
If you are attempting to stop Microsoft from detonating your simulation URLs, which counts as a user clicking on the link, then Advanced Delivery can be used.
Quoting the “Configure the delivery of third-party phishing simulations” document above
“Safe Links in Defender for Office 365 doesn't block or detonate the specifically identified URLs in these messages at time of click. URLs are still wrapped, but they aren't blocked.“