Forum Discussion
Quarantine "finger print matching" false positive
Just done my regular quarantine check on our O365 tenant and was surprised to find a couple of legit messages from an external sender which were flagged as High Confidence Phish based on finger print...
Over a year later and we are still seeing this. Particularly, on Phishing Simulation emails that are whitelisted precisely as prescribed. Other 365 tenants are NOT having this problem, with the same settings and same configuration. All that seems to be able to be done is manually going in and releasing from Quarantine. There's no 'white list' for these things, by IP, by domain, by header, or anything else. This is the same problem as 'Advanced filter' over which there seems to be no control whatsoever.
Anyone with a solution to this yet?