Forwarding email – to external no EPO polices are applied

BlatniBPMCP · ‎Feb 02 2023

Important, I have configure policy to allow external forwarding and add effected users to policy..

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/outbound-spam-policies-...

I have Phishing policy : Anti-Phishing Policy (All Domains) + default

Anti-spam policies

Anti-spam policies Priority Priority 0 -> (Automatic forwarding On - Forwarding is enabled)

Anti-spam inbound policy (Default)

Connection filter policy (Default)

Anti-spam outbound policy (Default)

Issue is the following :

Phish email arrive to O365 (I deliberately avoid EOP) :

Mailbox with no forwarding :

Email is scanned send to quarantine and user is informed

Mailbox with with forwarding :

Email is scanned send to quarantine and user is informed. <- As expected

Same email is also directly forwarded to email defied in forwarding. <- Issue

So the second part is Issue , Phish email is delivered to external user in original non scanned state.

Is this by design ? I would expect that email should be scanned by EOP and not forwarded if it is detected as Phish.

The only option, that I did not test was creating the inbox rue to forward email to external user.

Imran6767 · ‎May 02 2023

I had the same issue and when spoke to MS they said its by design and we cannot filter for external users which is fair .

But they should some up with something for this type of scenario

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Forwarding email – to external no EPO polices are applied

Forwarding email – to external no EPO polices are applied

Re: Forwarding email – to external no EPO polices are applied