Send the simulated phishing email. This will cause O365 to initially block the message.
Navigate to the Emails tab on the Submissions page at https://security.microsoft.com/reportsubmission?viewid=email
When you submit a blocked message as Should not have been blocked (False positive), an allow entry for the sender is added to the Domains & email addresses tab on the Tenant Allow/Block Lists page
Troubleshooting tips:
Ensure you have the right access to be able to manage the Allow/Block List (e.g., Organization Management, Security Administrator, Security Operator, Global Administrator)
Please leave 5 minutes for the entries to be active.
Additional methods can be found on the Microsoft website here.