Does impersonation checks in Phishing policy work for email aliases?

Occasional Contributor

I'm looking at the anti-phishing in EOP - "Add up to 60 internal and external users you want to protect from being impersonated by attacker"


Q. Our staff have multiple email aliases, such as and If I add as one of the 60 users, would impersonation attempts using also be covered or would I need to add both to the list?

1 Reply

I believe it only applies to the value you enter there, so you will need to add any aliases as well. Reason being, it actually accepts "external" addresses as well.