The feature in question is the option to “Send a copy of suspicious outbound emails that exceed these limits to these users and groups” found in the Microsoft Defender portal1. When this setting is enabled, it forwards emails that are deemed suspicious by the system’s criteria to the specified users or groups, which often includes the Global Admins.
This mechanism serves as a precautionary measure to identify and mitigate the risk of compromised accounts sending out spam. However, it can lead to confusion if there’s a lack of clarity on why these emails are being forwarded.
To address this, Global Admins can review and adjust the setting by accessing the Anti-spam policies section in the Microsoft Defender portal1. If you find that the feature is causing more confusion than clarity, you can simply untick the option to stop receiving copies of these suspicious outbound emails.
It’s important to note that while disabling this option may reduce the clutter in your inbox, it also means you won’t be proactively notified of potential spam activities. Therefore, it’s crucial to weigh the benefits of being alerted against the inconvenience of receiving these emails before making any changes to the policy.
Remember, maintaining the balance between security and usability is key to effective spam management in Microsoft 365.
For Global Admins looking to modify this setting, here’s a quick guide:
- Navigate to the Microsoft Defender portal at security.microsoft.com.
- Go to the Anti-spam policies section.
- Locate the policy called "Anti-Spam inbound policy".
- Uncheck the option to “Send a copy of suspicious outbound emails”.
- Save your changes.
By following these steps, you can customize the Outbound Spam Policies to better suit the needs of your organization.
No comments:
Post a Comment