Feedback by UserVoice

How can we improve compliance or protect your users better in Office 365?

← Office 365 Security & Compliance

Advanced Threat Protection Whitelist 2019

ATP needs a way to whitelist inbound email (IP or domain) from being quarantined as malware. Back in 2016 this issue was resolved by adding exchange mail flow rules to add headers. However, this method no longer works, and Microsoft support (ticket 12611412) confirms that ATP filters before mail rules are applied, and there is no way to whitelist inbound IP's to bypass ATP malware filtering. The only options in the settings is based on recipient. In my case, I want to whitelist to allow a Security Awareness Training provider to send test emails to our users. ATP is incorrectly identifying attachments as malware. Here is the original Uservoice that no longer works:
https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/9292590-advanced-threat-protection-whitelist

313 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

23 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • J commented  ·   ·  Flag as inappropriate

    Yes, users are confused when scanned files take long to arrive. Should be possible to whitelist user or user & ip combination.

  • Jonathan commented  ·   ·  Flag as inappropriate

    Agreed. This is urgently needed. Expecting all emails from an internal scanners email address to be scanned using safe attachments is disappointing. There needs to be an option to add an exception or whitelist for specific addresses/domains.

2 Next →

Office 365 Security & Compliance: Malware

Categories

Feedback and Knowledge Base

(thinking…)

Related Sites