![white-logo.png]](https://www.livingsecurity.com/hs-fs/hubfs/white-logo.png?height=40&name=white-logo.png){kind=logo}
How to Configure DEC
DEC Page
Launching a campaign using DEC
Required API Permissions Info
FAQ
How to Configure Direct Email Creation
❗ You must access the phishing simulation tool at https://phishing-embed.livingsecurity.com/ to complete the steps.
- Navigate to Company > Company Settings > Direct Email Creation from the main menu. Click on + NEW to create a direct email creation setting.
-
Click the + NEW button.
-
Click on the CONNECT ACCOUNT button to begin connecting your O365 environment with the Direct Email Creation (DEC) application.
-
Establish the required permissions to begin configuring the following options:
-
Name: Set a name for DEC settings.
-
Domains: Select domains that you will send phishing simulation emails.
-
Test Email: Test if the configuration works successfully.
-
Send Test Email To: Enter the business email address.
-
Sender Email Address: Enter any from the address.
-
Sender Name: Enter a sender name.
-
Message: Enter a message.
-
-
Click the SAVE button to create configuration settings.
-
Direct Email Creation Page
You can view, edit, or delete any DEC configuration at the Company > Company Settings > Direct Email Creation page.
The elements of the direct email creation page are defined in the table below:
| Name | Name of the direct email creation settings |
| Platforms | Email service name that is integrated (Microsoft 365) |
| Status | The status of the configuration: (running/failed) |
| Date Created | The date and time that settings were created. |
| Action | The DEC settings’ can be edited or deleted. |
How to Launch Campaign by Using Direct Email Creation Settings
-
Navigate to Phishing Simulator > Campaign Manager from the main menu. Click on + NEW to create a campaign to launch.
-
The first page is Campaign Info, where you need to fill in the required fields and then click the NEXT button.
-
The second page is Advanced Settings, where you can choose Direct Email Creation settings from the Email Delivery section.
-
This way, you can set the email delivery settings that the campaign will be launched with, either SMTP or DEC settings.
-
ℹ️ Without a DEC configuration in place, you will not have access to Direct Email Creation settings when launching your campaign through the Email Delivery section
About Required API Permissions
You need to authorize the DEC application for your Microsoft 365 account to use the feature. The required API permissions are listed below:
|
Allows the app to have the same access to mailboxes as the signed-in user via Exchange Web Services. |
Allows the app to have the same access to mailboxes as the signed-in user via Exchange Web Services. |
| Use Exchange Web Services with full access to all mailboxes | Allows the app to have full access via Exchange Web Services to all mailboxes without a signed-in user. |
| Manage Exchange As Application | Allows the app to manage the organization's Exchange environment without any user interaction. This includes mailboxes, groups, and other configuration objects. To enable management actions, an admin must assign the appropriate roles directly to the app. |
| Read all users' full profiles | Allows the app to read user profiles without a signed in user |
| Read and write mail in all mailboxes | Allows the app to create, read, update, and delete mail in all mailboxes without a signed-in user. Does not include permission to send mail. |
| Read domains | Allows the app to read all domain properties without a signed-in user. |
| Sign in and read user profile | Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users. |
ℹ️ To access more detailed information, please refer to Microsoft's documentation.
FAQ
Q: Why would I use DEC over traditional whitelisting?
A: If your standard whitelisting method is effectively meeting your needs, there may not be a strong incentive to switch to DEC. However, it's important to keep in mind the benefits and features that DEC offers, and evaluate whether it could provide additional value and advantages for your organization. For example, Microsoft may always block certain attachment types like Office files with macros. The only way around this is to use DEC.
Q: Does DEC eliminate the need to whitelist in my other security tools like Proofpoint or Mimecast?
A: DEC works by injecting messages directly into users' inboxes, bypassing email filtering rules and allowing users to receive simulated phishing emails. You may still have click-based scanning or filtering in these solutions that you'll have to consider.
Q: Can I launch a campaign with DEC settings using the Fast Launch option?
A: No, you can only launch a campaign with DEC settings using Campaign Manager. If you launch a campaign with Fast Launch, the campaign will be started with default SMTP settings.
Q: Do I need to whitelist if I use the DEC feature?
A: If you use only the Phishing Simulator module and use the DEC feature, you don’t need to do whitelisting.
Q: Can I resend the campaign email to the users whose status shows Error in the Sending Report menu in the campaign report?
A: No, the users whose status shows Error means the destination email user account hasn’t been found in the O365, or there might be another problem for these users' email accounts which platform will show you as a tooltip if you hover your mouse over the error status.
Q: What action should I take for users whose status shows an error ("domain.com" is not in the allowed domain list) in the Sending Report menu after the launch campaign?
A: You can check and make sure you selected the related domain addresses in the DEC configuration, and then you can try to resend the campaign to these users from the Sending Report menu in the campaign report.
