Feb 02 2023 02:44 AM
Important, I have configure policy to allow external forwarding and add effected users to policy..
I have Phishing policy : Anti-Phishing Policy (All Domains) + default
Anti-spam policies
Anti-spam policies Priority Priority 0 -> (Automatic forwarding On - Forwarding is enabled)
Anti-spam inbound policy (Default)
Connection filter policy (Default)
Anti-spam outbound policy (Default)
Issue is the following :
Phish email arrive to O365 (I deliberately avoid EOP) :
Mailbox with no forwarding :
Email is scanned send to quarantine and user is informed
Mailbox with with forwarding :
Email is scanned send to quarantine and user is informed. <- As expected
Same email is also directly forwarded to email defied in forwarding. <- Issue
So the second part is Issue , Phish email is delivered to external user in original non scanned state.
Is this by design ? I would expect that email should be scanned by EOP and not forwarded if it is detected as Phish.
The only option, that I did not test was creating the inbox rue to forward email to external user.
May 02 2023 07:13 AM