Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Microsoft Defender is Illegally Blocking Legitimate Business EMail Across all 365 Tenants as "BULK"

Brass Contributor

We have identified that Microsoft started classifying "BULK" emails as spam back in January 2022.  However this is now also blocking legitimate emails sent from (1) sender to (1) recipient with the email still labeled as "BULK".  I have multiple tickets opened with various departments.  I was told today by MS Support this is a known issue, but they are waiting for engineering to provide a fix.  You can fit it by reverting back and then implementing the solution correctly later on.


At the end of the day, MS started changing the behavior of the default anti-spam policy in such a way that is blocking legitimate email that is not being sent in bulk.  
Legally I believe what Microsoft is doing here is known as a "Restraint of Trade". 
  • These are not emails sent to me.  These are email's I am sending to my customers and potential customers.  These are also emails that my customers are sending to their customers. 
  • Microsoft's change regarding "Bulk Email" is not applying to actual bulk messages sent to more than X number of recipients.  Microsoft is now blacklisting individuals who have ever sent an email in "bulk" and all future emails, even if sent to a single recipient is still classified as "bulk".
  • The default anti-spam policy configured automatically for all Office365 customers is now using the logic listed above.  So, the recipients have not made any modification to cause this change, Microsoft is imposing this change on all their customers using the default anti-spam policy tenant by tenant.
  • The majority of Office365 customers are small business with no real IT support or knowledge of these settings.  They licensed the product and are conducting business.
  • Microsoft's change to the handling of "Bulk" email that started back in January 2022 is creating this issue and is now basically in violation potentially of service agreements from paying customers.  I pay MS to be able to send an email from me to my potential customer.   MS default anti-spam policy now states that if I have ever sent email in "BULK" all of my emails are flagged in "BULK" and are defaulted to the user's quarantine.
0 Replies