08-30-2019 02:17 PM
We have received a lot of alerts coming from O365 that this email address sender:
noreply@email.teams.microsoft[.]com is sending email with malware content, by investigating the alerts, we can see all the originating IPs are coming from Microsoft, only one IP is not registered as permitted sender but it is still a Microsoft IP. are you aware of a similar issue?
Thanks,
08-31-2019 08:49 AM
It's a known issue, and something Microsoft has fixed since. You can get more info from the SHD, incident EX189242.
05-25-2020 06:53 AM
12-16-2020 10:23 AM
12-16-2020 10:23 AM
01-14-2021 08:44 AM