I’m trying to understand how phishing simulation tools actually work in companies that already have strong email security in place. Things like Microsoft 365 Safe Links, spam filters, DMARC checks, and email gateways often change or block emails before they even reach users. So how do simulation tools deal with this in real setups? Do they get allowlisted, or do they somehow go through normal email flow without breaking security rules? And when security tools rewrite links or scan attachments, does that mess up how realistic the simulation is? submitted by /u/Dependent-Self-6972 [link] [comments]