Get instant support with our search!
Microsoft Report Button Integration Configuration Guide (Quick Guide)
INTEGRATION GUIDE
MetaCompliance & Microsoft Report Phish
Quick Setup Guide — Exchange Mail Flow Rule
This guide shows you how to create the Exchange mail flow rule that forwards reported MetaCompliance phishing simulations back to MetaCompliance for tracking. It takes about five minutes and changes nothing about how your users or your security team handle real phishing.
What this achieves
- Users keep using the Microsoft Report Phish button exactly as they do today.
- MetaCompliance receives reported simulation emails so reports show in your dashboard.
- Real phishing investigations remain completely unchanged.
Before you start
Confirm each of the following before creating the rule:
- The Microsoft Report Phish button is enabled in your tenant.
- Reported messages are delivered to a reporting mailbox you control.
- You have access to the Exchange Admin Center.
1 Open the Exchange Admin Center
Go to admin.exchange.microsoft.com and navigate to Mail Flow > Rules. Select Add a Rule > Create a New Rule.
2 Name the rule
Give it a name that is easy to recognise later, for example: MetaCompliance Phish Simulation Reporting
3 Add the conditions
Condition 1 — the recipient is your reporting mailbox.
Condition 2 — the subject or body contains the ① match value (the blue field) from your region card below.
4 Configure the action
Choose Redirect the message to ② the mailbox (the green field) from the same region card, or Add recipients if your security team also wants a copy.
5 Save and enable
Save the rule and confirm it is enabled.
Find your region
Use one card only. Both values must come from the same region: ① blue goes in Condition 2; ② green is the redirect mailbox.
|
REGION UK ① Match value — enter in Condition 2 bubbles-admin.metacompliance.com ② Redirect to — this mailbox report@phish.uk.metacompliance.com |
REGION IRE ① Match value — enter in Condition 2 marlin.metacompliance.com ② Redirect to — this mailbox report@phish.ire.metacompliance.com |
|
REGION NL ① Match value — enter in Condition 2 marlin.metacompliance.com ② Redirect to — this mailbox report@phish.nl.metacompliance.com |
REGION US ① Match value — enter in Condition 2 dory.metacompliance.com ② Redirect to — this mailbox report@phish.us.metacompliance.com |
|
REGION CA ① Match value — enter in Condition 2 hank.metacompliance.com ② Redirect to — this mailbox report@phish.ca.metacompliance.com |
REGION DACH ① Match value — enter in Condition 2 bruce-admin.metacompliance.com ② Redirect to — this mailbox report@phish.dach.metacompliance.com |
|
Don't mix regions The ① match value and ② mailbox must be from the same card. Using the wrong region — or one value from each — means reports will not route. Watch out: IRE and NL share the match value marlin.metacompliance.com, but their mailboxes are different. Check the green field carefully. |
Test the configuration
- Send a MetaCompliance phishing simulation to a test user.
- Have the user report it using the Microsoft Report Phish button.
- Wait a few minutes for the message to route.
- Confirm the report appears in the MetaCompliance dashboard.
Troubleshooting
If reports are not appearing, check each of these:
- The rule is enabled.
- The reporting mailbox is correct.
- The ① match value matches your region card exactly.
- The ② redirect mailbox matches the same region card.
- The Microsoft Report Phish button was used to report the message.