Forum Discussion
MicrosoftNinja Cat Giveaway: Episode 2 | Mastering email authentication and slashing overrides: Part 2
For this episode, your opportunity to win a plush ninja cat is the following -
Reply to this thread with: Did you spot ninja cat throughout episode? Mention your favorite on-screen ninja cat appearance in this episode along with one thing you’ve learned from this episode of the Ninja Show!
This offer is non-transferable and cannot be combined with any other offer. This offer ends on April 14th, 2023, or until supplies are exhausted and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. Any gift returned as non-deliverable will not be re-sent. Please allow 6-8 weeks for shipment of your gift. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. Offer void in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and where prohibited.
54 Replies
- I saw a ninja cat sweeping across the bottom of the video 🙂 One thing I learned was how "allowlisting" a sender is actually an override of other security controls, including protection against phishing such as spoofing of a P2 field.
i love it when the ninja cat appears from behind the paintings!
I learned that I can help Microsoft learn how to properly categorize emails as false positives or false negatives- Ninja Cat - quite a few appearances, I rather like the ninja cat on shoulder at 8:13.
For me the most value is from the Learn article on finding potentially problematic overrides, at https://aka.ms/reviewoverrides. Spotted Ninja cat abseiling down Paul and Heike's walls - that's one fearless feline!
I learned of the existence of those awesome KQL queries to hunt out details of mail being delivered via existing overrides - great resource!!!
- Love the ninja cats everywhere and especially the one going down on the rope on the wall behind Paul and coming down from behind te picture on the wall behind Paul. Love the explaining about how to get less false positive results. Love the real cat that you can see in the reflection of the lower picture on the wall Always say to everyone not the use whitelist and to fix the problem at the side of the sender.
HeikeRitter Many ninjacats seen, some a bit more conspicuous than others. The Advanced Hunting section was the most instructive for me. What did you learn most from it? 🙂
- HeikeRitterI think I didn't know anything Paul talked about 😄
- I saw the ninja cat pop out from under the framed picture! Very sneaky!
This is handy info as we constantly get requests to "allow a domain," but it's much more complicated these days. It's nice to get validation from Microsoft that this is not the recommended path, and that it can get very granular if needed. We've found that many vendors request this out of old practice, but if they have good email security hygiene, it's not needed. Just like you mentioned, vendors can be compromised, and without those controls in place, we in IT will look like we're not doing our jobs if malicious messages from that vendor make it to inboxes. 
Leslie_MariankoI saw ninja cat throughout...especially when he is popping up on the shoulder of the presenter in this case Paul. Learned how to allow a message in the TABL using the submission page and not to just blanket apply a domain override.- Liked the Policies & Rules session like threat policies tenant block and allow list, where the ninjacat was behind the scene 😉 Awesome Mastering session !
I loved Ninja Cat rappelling down the walls and the plush is adorable.
We are transitioning to Exchange Online and having discussions about what rules we should migrate. Seeing this and the recommendations for not bringing those rules over is timely and helpful. It's a great explanation of how you handle allow lists, custom rules and default rules.
