Forum Discussion

CB-MD's avatar
CB-MD
Copper Contributor
Aug 18, 2025

Emails from our custom domain ends up in quarantine

Hello, I have an issue with emails coming from one of our custom domains being detected as phishing for identity theft reason.

 

We've got the main domain on Microsoft 365, let's call it: "domain-example.com" and the second domain on IONOS : "domainexample.com" When we receive emails from this second domain it is detected as phishing since it is a domain name very close to our main domain, therefore those emails are placed into quarantine.

How do I resolve this issue? Can I indicate Microsoft 365 that this second domain is owned by our company, therefore the emails coming from this domain aren't identity theft attempts?

I found how to add a domain on Microsoft 365 Admin Center but I don't know what are the consequences of this action, I want to keep my domain on IONOS and send emails from their web server.

 

All I want is to stop emails from our company to end up into quarantine or spam folder.

 

Thank you.

admin
Domains
microsoft 365 admin center

2 Replies

  • Walid_91's avatar
    Walid_91
    Copper Contributor
    Sep 18, 2025

    Hello CB-MD, 

    You have correctly identified the root cause and the first step to solving it, is either to Add the second domain to Microsodft 365 but without getting to the last step which is configuring the DNS records (MX, CNAME, etc), by stopping at this step, the only consequence is that MS365 now knows domainexample.com is a legitimate domain associated with your company.. and this is what you want, after that all your mailflow , mailboxes and all other services will remain with IONOS. 

    Then, you can create a rule to bypass Phishing Protection for your second domain, by following the following steps: 
    1- Go to the Microsoft 365 Defender Portal: Navigate to security.microsoft.com
    2- Go to Policies: In the left pane, select Email & collaboration > Policies & rules > Threat policies > Anti-phishing.
    3-Create a new policy or edit the default one.
    4-Under the "Phishing threshold & protection" settings, you may find an option to create an exception. Add domainexample.com to the list of domains that are "trusted" or "excluded from spoofing protection."
    5-Save the policy.

    • CB-MD's avatar
      CB-MD
      Copper Contributor
      Sep 19, 2025

      Hello Walid_91,

       

      Thanks a lot, I will try that and get back to you if needed, else I'll mark it as solution.

Resources