Anti-phishing ATP Employees Peronal Email

%3CLINGO-SUB%20id%3D%22lingo-sub-242740%22%20slang%3D%22en-US%22%3EAnti-phishing%20ATP%20Employees%20Peronal%20Email%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-242740%22%20slang%3D%22en-US%22%3E%3CP%3EThe%20new%20ATP%20Anti-phishing%20solution%20seems%20to%20be%20working%20well%20however%20we%20have%20run%20into%20a%20few%20issues%20and%20curious%20what%20others%20are%20doing.%26nbsp%3B%20We%20have%20several%20users%20that%20on%20occasion%20use%20their%20personal%20email%20accounts%20to%20send%20emails%20back%20to%20the%20office%20(%40hotmail.com%20or%20%40gmail.com)%20.%20I%20would%20love%20to%20say%20they%20should%20not%20do%20this%2C%20but%20we%20all%20know%20users%20do%20what%20users%20do.%26nbsp%3B%20The%20problem%20is%2C%20these%20emails%20also%20get%20flagged.%26nbsp%3B%20For%20example%2C%20I%20have%20a%20personal%20email%20address%20with%20my%20name%20and%20I%20send%20an%20email%20back%20to%20the%20office.%20Obviously%20by%20design%2C%20ATP%20will%20flag%20that%20email%20address%20as%20it%20did%20not%20come%20from%20our%20network.%26nbsp%3B%20I%20know%20we%20can%20add%20safe%20senders%2C%20but%20this%20is%20a%20reactive%20measure.%20How%20are%20you%20guys%20attacking%20situations%20like%20this%3F%26nbsp%3B%20Is%20there%20something%20else%20I%20could%20be%20doing%20proactively%20%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Super Contributor

The new ATP Anti-phishing solution seems to be working well however we have run into a few issues and curious what others are doing.  We have several users that on occasion use their personal email accounts to send emails back to the office (@hotmail.com or @gmail.com) . I would love to say they should not do this, but we all know users do what users do.  The problem is, these emails also get flagged.  For example, I have a personal email address with my name and I send an email back to the office. Obviously by design, ATP will flag that email address as it did not come from our network.  I know we can add safe senders, but this is a reactive measure. How are you guys attacking situations like this?  Is there something else I could be doing proactively ? 

0 Replies