Once you click the link above, follow the instructions under the “Use the Microsoft 365 Defender portal to configure third-party phishing simulations in the advanced delivery policy” heading.
Allow-List by X-Header in M365
Once you click the link above, make sure to follow all the steps from beginning to end of the page. Also make sure to get the most up-to-date list of CyberHoot servers below.
The required IP address and Domain name information is found in this HowTo article:
CyberHoot Email-Relay IP Addresses, Domains, and Allow-Listing Articles