Forum Discussion
Whitelist external email to internal distribution group
Hi all, Question for the team.... If a user is calling off for the day, they can send an email from their personal email address to one of our distribution groups that get delivered to a number of managers, so they are aware that the person will not be in for the day. Issue is that Defender will quarantine some of these emails, marking it as SPAM. Then, the managers will not get the email and have no idea that the person is calling off. How can I whitelist all emails going to that particular distribution group so that nothing gets quarantined? I tried creating a whitelist rule in Exchange Online mailflow rules, but it does not allow distribution groups to be whitelisted..ie set to SCL -1
4 Replies
mrhops you need to whitelist your external email in your incoming spam policy in the threat policy blade
ā
Thanks - just what I needed today.
- Hi eliekarkafy, thank you for your reply. I understand adding external addresses to the SPAM policy, but there's no way for me to know a couple hundred employee personal email addresses in order to add them all to the SPAM policy. Is there a way to "allow all" messages rule going to an internal distribution group?
- You can have a separate anti-spam policy that only applies to the particular target.
You probably want to do that because if you do not know who will be writing to the target then you are effectively exposing it to abuse from any sender. If the address is in a collection of freemail accounts then it will leak out sooner rather than later. Giving the target an obscure address will not defend it from that.
You can qualify access to the target with a mail flow rule that demands a subject line tag. Any mail to the target gets dropped unless the e-mail contains the magic word "CALL-OFF", or something a bit more devious. Few spammers will go to to the trouble of remembering that.
