Bypass ZAP feature for some Senders
Currently ZAP can be disabled for the entire Tenant or some recipients but there is no way to disable or bypass ZAP for some specific list of Senders.
Hi Muhammad, thanks for the feedback. Zero-hour auto purge respects the Safe Senders list of the Anti-spam policy. If there are specific senders which you do not want ZAP to act on, you can configure them as safe senders.
Note that we recommend admins to be cautious when adding safe senders for both mailflow and ZAP as it can cause a security issue should the sender become compromised.
Errol Tu-Parker commented
I can confirm that Mark is not only having this issue. Every day I have to clear out 100s of alerts, even after setting up both the mail flow bypass and safe senders/domains.
Either fix the issue or give us a dedicated portal to modify/bypass
Mark Orser commented
It is not respecting the Safe Senders List of the Anti-Spam Policy. I am experiencing this issue where a legitimate sender's bulk email is being detected by ATP and being ZAPped . I have reports showing this.
We need to exclude some known vendors from Microsoft's automated protections.
For this vendor we have done the following of which some may be redundant but ZAPping still occurs:
-Sender has SPF, DKIM correctly configured.
-Created a rule to whitelist the sending domain coming from their sending IP addresses
-Added their email address to Spam filter allow list
-Added IP to Connection filter allow list.
-Confirmed that email address shows up on Safe Senders list of the Anti-Spam Policy (same as Spam filter above)