...
Sign in to the Microsoft 365 admin center.
Go to Settings > Domains, select your domain (for example, contoso.com), and find the MX record.
The MX record will have a Points to address or value value that looks similar to
contoso-com.mail.protection.outlook.com
.Make a note of the MX record Points to address or value value, which we refer to as your MX endpoint.
Go to the Exchange Admin Portal → mail flow → rules. Click on the + icon the select “Bypass spam filtering …”
Name it
in the “Apply this rule if…” drop down select “A message header …” and then “includes any of these words”
Click on the *Enter text…: and type “ x-phishing-simulation”. Click OK
Click on the *Enter words… and add “true”. Click OK
Click “Save” and make sure the rule has high enough priority.
...