DMARC, DKIM, SPF none but Composite authentication pass
Hi all, I have a email where DMARC, DKIM, SPF are marked as None, but still Composite authentication as passed. How can this be since the info of the composite authentication says: Combines multiple types of authentication such as SPF, DKIM, DMARC, or any other part of the message to determine whether or not the message is authenticated. If all three are none, what other part of the messages lets the message to pass composite authentication?
Defender for O365 with onprem mailboxes
Hi all, Just wanted to confirm the usability of some features of Defender for O365 when having a exchange hibrid scenario but still most of the mailboxes on-prem. From my understanding not all features will work Safe Attachments (dynamic delivery will not work for onprem mailboxes) Safe Links (works if the MX is pointing to EOP) ATP for SharePoint, OneDrive, and Microsoft Teams (not applicable to EXO) ATP anti-phishing protection (not sure if all settings will work for onprem mailboxes) Real-time detections (reports) Thanks in advanced, Rgs RM
capability to detect password protected files to during the email delivery and ZAP process of the e
Does M365 Defender & EOP has capability to detect password protected files to during the email delivery and ZAP process of the email in user mailbox? If yes how we can configure to stop such emails and put them into quarantine and stop the email delivery to end users? I have another follow-up question on this is that if we deploy this Transport rule to quarantine false or parked domains emails like phishing or spam and unwanted emails then how we would filter and allow the legit email domains to send out such files like .PDF, Docs, excel and other password protected files to users mailbox without putting them into Quarantine?
ASF Advanced Spam Filter roadmap
For the last year or so I have been seeing notes in Microsoft documentation advising that Exchange Online ASF is being deprecated. Do we have a roadmap for this, and more importantly any news about the replacement features elsewhere in the product. I am particularly interested in -IncreaseScoreWithNumericIps; the capability to spot and act on hyperlinks identifying a host by its numeric IP address. Failing clarity on that question, does anyone have a "pattern" they can recommend that can survive the depredations of Safe Links? I apologise for the cross-post from the Exchange community, but it is not completely clear where this topic should be discussed.URL clicks not being tracked
Hi, I have url rewrite and defender EDR in the environment. It seems like clicks are missing tracking information. Both in hunting queries and the actual url and domain page show no clicks and i know for a fact users clicked it. URL is external and it is rewritten, i checked in the email to confirm, i even clicked the url myself and nothing is tracked. Also how do you translate a rewritten url to url without clicking on it? Any suggestions?
