My IT department use the official Microsoft phishing test. The emails arrive in inbox with 0 headers. (There's also a helpful Microsoft page of all the dodgy sounding domains they've registered for this.)

I just don't check my emails anymore. If it is important, people will complain on teams that nobody answer with some sort of urgency and then I'll look for it specifically.

Mind sharing your filter rules? KnowBe4 uses X-PHISHTEST header and I think I saw Proofpoint using something similiar a few years back

Straight from the source: https://help.proofpoint.com/Proofpoint_Essentials/Security_A... xD

The vast majority of security controls are designed for the careless and the clueless.

I did this and it worked for a few months before word got to security who then forced everyone to remove the rule.