Mailbox Intelligence - Impersonation false-positives

%3CLINGO-SUB%20id%3D%22lingo-sub-826905%22%20slang%3D%22en-US%22%3EMailbox%20Intelligence%20-%20Impersonation%20false-positives%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-826905%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20everyone%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ewe%20have%20%22Mailbox%20intelligence%22%20enabled.%3C%2FP%3E%3CP%3ESo%20users%20get%20a%20message%20that%20looks%20like%20this%3A%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20579px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F128938i4E9F64743FE01971%2Fimage-dimensions%2F579x55%3Fv%3D1.0%22%20width%3D%22579%22%20height%3D%2255%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EWhich%20is%20fine%20for%20me.%20But%20some%20of%20our%20colleagues%20do%20not%20want%20to%20get%20this%20message%20every%20time%20they%20get%20an%20email%20from%20this%20user.%20Is%20there%20any%20option%20to%20mark%20this%20emailadress%20as%20%22valid%22%20and%20let%20the%20banner%20go%20away%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20could%20not%20find%20anything%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EStephan%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-827920%22%20slang%3D%22en-US%22%3ERe%3A%20Mailbox%20Intelligence%20-%20Impersonation%20false-positives%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-827920%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F40832%22%20target%3D%22_blank%22%3E%40Stephan%20G%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20believe%20there%20is%20a%20setting%20in%20the%20ATP%20Anti-Phishing%20policy%20settings%20where%20you%20can%20set%20up%20safe%20senders%2Fdomains%20so%20it%20bypasses%20ATP.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Foffice365%2Fsecuritycompliance%2Fset-up-anti-phishing-policies%23learn-about-atp-anti-phishing-policy-options%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Foffice365%2Fsecuritycompliance%2Fset-up-anti-phishing-policies%23learn-about-atp-anti-phishing-policy-options%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20not%20able%20to%20test%20this%20out%20myself%20at%20the%20moment%2C%20but%20the%26nbsp%3B%3CEM%3EAdd%20trusted%20senders%20and%20domains%26nbsp%3B%3C%2FEM%3Eoption%20might%20be%20what%20you%20are%20after.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECheers%2C%3C%2FP%3E%3CP%3EMark%3C%2FP%3E%3C%2FLINGO-BODY%3E
Contributor

Hi everyone,

 

we have "Mailbox intelligence" enabled.

So users get a message that looks like this:

clipboard_image_0.png

Which is fine for me. But some of our colleagues do not want to get this message every time they get an email from this user. Is there any option to mark this emailadress as "valid" and let the banner go away?

 

I could not find anything

Thanks

 

Stephan

1 Reply

Hi @Stephan G 

 

I believe there is a setting in the ATP Anti-Phishing policy settings where you can set up safe senders/domains so it bypasses ATP. 

 

https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policies#learn-ab...

 

I'm not able to test this out myself at the moment, but the Add trusted senders and domains  option might be what you are after.

 

Cheers,

Mark