Mastering Configuration in Defender for Office 365 - Part Two

stevo2360 Existing ETRs can continue to exist or be used but after the last phase of Secure by Default is enabled (target: July) for mail flow rules (ETRs), Defender for Office 365: 

• Will no longer deliver messages with high confidence phish (or malware) verdicts, regardless of any explicit ETRs. These messages will be quarantined. We will still continue to honor ETRs and deliver messages if they are not high confidence phish or malware verdicts. Note: Secure by default does not apply when the domain's MX record does not point to Office 365 (third-party filter).
• Will no longer recommend ETRs as a method to configure third-party phishing simulations and/or Security Operation Mailbox message delivery.

We recommend that mail flow rules that were specifically created to define third-party phishing simulation campaigns or to direct messages to Security Operations (SecOps) mailboxes be removed once you configure your third-party phishing simulation and/or SecOps Mailboxes with the new advanced delivery policy when the feature rolls out (target: mid-June). Recommend completing this activity by early July before the last phase of Secure by Default is enabled.