The inbound message will be passed to a custom connector I have written, which will perform some policy checks and then return the message to Office365. If the policy is violated, I would like to add a property? message header? something else? that will set the Mail.IsThreat property to 1 and hence trigger the alert.
I'm struggling to see how/where the Mail.IsThreat is defined or if it can be defined outside of the standard M365 Threat Protection features