Whitelist domains for Advanced Threat Protection
ATP needs a method for whitelisting domains because it can take a month or more for a false positive to get categorized and updated in ATP rulesets.
You need to either give us a way to whitelist domains (so we can continue sending and receiving attachments), or you need to update definitions faster. I'm guessing adding whitelisting will be easier and more reliable.
Anthony Castro commented
This seems like a basic function that should be included, we spent a few weeks waiting on Microsoft to clear an attachment that kept getting mistakenly flagged.
michael berry commented
Especially when using the dynamic options.