Sudden Deletion of False Positive Emails by Microsoft ZAP without Any Policy or Configuration Change

Copper Contributor

Hi All,


Recently, we have noticed that Microsoft ZAP has been unexpectedly deleting a significant number of false positive emails from our system. It is important to note that we have not made any alterations to our existing policies or configurations that could have triggered this sudden change in behaviour.

We would greatly appreciate your guidance and support in understanding the potential cause behind this issue and how we can rectify it. What I noticed was that the policy applied to the emails was the Anti-spam policy and the reason for ZAP to move those emails to quarantine was that ZAP classified these emails are 'High Confidence Phish'. However, we haven't made any changes to this policy for a long time. 


Thank you in advance for your time and support.

Best regards,

1 Reply

Hi @NikhilSure 


ZAP for high confidence phishing is enabled by default, I suggest you to submit those mails for analysis. I always face the same and it work after submissions.



If I have answered your question, please mark your post as Solved

If you like my response, please give it a Like :smile:

Appreciate your Kudos! Proud to contribute! :)