Blog Post

Microsoft Defender for Office 365 Blog

6 MIN READ

Mastering Configuration in Defender for Office 365 - Part Two

Microsoft

Apr 29, 2021

This blog is part two of a three-part series detailing the journey we’re on to simplify the configuration of threat protection capabilities in Office 365 to enable best-in class protection for our cu...

Updated Aug 04, 2022

Version 7.0

awareness & training

configuration

Mastering Configuration

prevention

Secure Posture

Sundeep_Saini

Microsoft

Joined October 19, 2020

View Profile

Microsoft Defender for Office 365 Blog

Follow this blog board to get notified when there's new activity

Kubho208

Copper Contributor

Jun 18, 2021

I am really interested about this part :

Rolling out these secure by default changes

We’ve taken a very deliberate approach to rolling out these changes in phases to ensure customers are not surprised and there are no negative side effects. We began to rollout Secure by Default for high confidence phishing messages by the override type starting in December of last year.

Today, we’re at a point in our Secure by Default journey where the following overrides are not honored for malicious emails (malware or high confidence phish emails):

Allowed sender lists or allowed domain lists (anti-spam policies)
Outlook Safe Senders
IP Allow List (connection filtering)

Does this mean, that if i have in IP allow list or allowed sender a domain, user whatever and Microsoft will judge this message as high confidence spam, this messages will be quarantined? or did I misunderstood this?