We currently use a 3rd party vendor for email filtering. The 3rd party vendor works well. However, since Microsoft has turned on "Secure by Default" for all tenants, Microsoft catches emails and marks them as High Confidence Phishing. Since they stopped you from being able to just send the email to Junk, I have to remember to monitor the quarantine at least weekly.
While I appreciate their efforts, most of the time the emails caught are not phishing attempts. I've read the documentation that states to set a transport rule to adjust the SCL on any emails received from the 3rd party filtering, but the issue this causes is emails will no longer land in users' Junk Email folder.
I'd rather let my 3rd party vendor do my filtering and be able to tell Microsoft to stop.
Is anyone else dealing with this? What's your solution?