New EOP Safety Tip - looking for explanation

%3CLINGO-SUB%20id%3D%22lingo-sub-101460%22%20slang%3D%22en-US%22%3ENew%20EOP%20Safety%20Tip%20-%20looking%20for%20explanation%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-101460%22%20slang%3D%22en-US%22%3E%3CP%3EOur%20users%20are%20starting%20to%20see%20new%20and%20varied%20safety%20tips%20that%20we%20cannot%20locate%20any%20article%20or%20documentation%20on.%20%26nbsp%3BOne%20of%20the%20newer%20entries%20takes%20the%20form%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EYou%20don't%20often%20get%20email%20from%20%3CUSER%3E%3CFONT%20face%3D%22Segoe%20UI%2Csans-serif%22%20size%3D%222%22%20color%3D%22%23212121%22%3Ewhich%20appears%20similar%20to%20someone%20who%20has%20previously%20sent%20you%20email%2C%20but%20may%20not%20be%20that%20person.%26nbsp%3B%3C%2FFONT%3E%3CA%20href%3D%22http%3A%2F%2Faka.ms%2FLearnAboutSenderIdentification%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CFONT%20face%3D%22Segoe%20UI%2Csans-serif%22%20size%3D%222%22%3ELearn%20why%20this%20may%20be%20a%20problem%3C%2FFONT%3E%3C%2FA%3E%3C%2FUSER%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20a%20huge%20fan%20of%20new%20features%20and%20protections%20coming%20to%20our%20community%20-%20but%20when%20they%20are%20presented%20with%20no%20ability%20for%20admins%20to%20determine%20where%20this%20message%20is%20generated%20from%20and%20under%20what%20conditions%20-%20that%20is%20unacceptable.%20%26nbsp%3BIt%20is%20hard%20enough%20battling%20phishing%20and%20other%20targeted%20attacks%20without%20our%20providers%20also%20surprising%20us.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnyone%20else%20seeing%20these%20new%20types%20of%20safety%20tips%20or%20have%20references%20to%20documentation%20or%20announcements%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EDave%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-101460%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-101735%22%20slang%3D%22en-US%22%3ERe%3A%20New%20EOP%20Safety%20Tip%20-%20looking%20for%20explanation%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-101735%22%20slang%3D%22en-US%22%3E%3CP%3ESo%20we%20got%20some%20context%20on%20this%20from%20Product%20Management.%20%26nbsp%3BThis%20tip%20is%20generated%20purely%20based%20on%20graph%20data%20and%20actual%20personal%20message%20history%20for%20the%20user%20-%20SPF%2FDKIM%2FSCL%20doesn't%20contribute%20at%20all.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAdditionally%20they%20seemed%20to%20advise%20they%20are%20pulling%20this%20one%20back%20from%20production%20due%20to%20some%20negative%20feedback.%20%26nbsp%3B%20I%20plan%20on%20enquiring%20further%20with%20them%20as%20to%20how%20admins%20will%20be%20made%20aware%20of%20new%20Safety%20Tips%20being%20rolled%20out%20and%20will%20share%20here%20if%20I%20get%20anything%20useful.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDave%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-101570%22%20slang%3D%22en-US%22%3ERe%3A%20New%20EOP%20Safety%20Tip%20-%20looking%20for%20explanation%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-101570%22%20slang%3D%22en-US%22%3E%3CP%3EHavent%20seen%20this%20one%20in%20particular%20yet%2C%20but%20it%20seems%20to%20correspond%20to%20some%20scenarios%20with%20failed%20SPF%2FDKIM%20checks.%20I%20agree%20though%2C%20it%20would%20be%20nice%20to%20have%20some%20control.%20Many%20of%20the%20Exchange%20MVPs%20have%20expressed%20concerns%20about%20having%20a%20link%20inside%20the%20safety%20tip%20for%20example%2C%20being%20able%20to%20customize%20the%20message%20might%20help%20with%20that.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

Our users are starting to see new and varied safety tips that we cannot locate any article or documentation on.  One of the newer entries takes the form:

 

You don't often get email from <user@domain.com>which appears similar to someone who has previously sent you email, but may not be that person. Learn why this may be a problem

 

 

I'm a huge fan of new features and protections coming to our community - but when they are presented with no ability for admins to determine where this message is generated from and under what conditions - that is unacceptable.  It is hard enough battling phishing and other targeted attacks without our providers also surprising us.

 

Anyone else seeing these new types of safety tips or have references to documentation or announcements?

 

Thanks,


Dave

 

4 Replies

Havent seen this one in particular yet, but it seems to correspond to some scenarios with failed SPF/DKIM checks. I agree though, it would be nice to have some control. Many of the Exchange MVPs have expressed concerns about having a link inside the safety tip for example, being able to customize the message might help with that.

So we got some context on this from Product Management.  This tip is generated purely based on graph data and actual personal message history for the user - SPF/DKIM/SCL doesn't contribute at all.

 

Additionally they seemed to advise they are pulling this one back from production due to some negative feedback.   I plan on enquiring further with them as to how admins will be made aware of new Safety Tips being rolled out and will share here if I get anything useful.

 

Dave

 

 

how do i turn this feature off? it is really annoying bc it takes up the whole preview bar for alerts on my notifications and in my outlook email list, which means i can't read what the email is actually about. And literally EVERY one of these emails is from someone who is supposed to be emailing me.