Include offending messages in alerts for "Suspicious email sending patterns detected" policy
When I receive an alert of the policies like "Suspicious email sending patterns detected", I would like to see some information about the messages that have triggered the alert. Subject line would be nice. Without this I cannot have discussions with the sender to correct the problem.
Currently working on linking alert to content explorer.
Blake Frericks commented
This is necessary information. W/o the offending message(s) you send us down a rabbit hole and waste precious time.
Is it worth if you receive an alert that does not explain why it was triggered?
Matt Adams commented
Is there an update on the progress to add a link to the content explorer?
that is ******** we have an alert and cannot even read any detail anywhere about the trigger
Bradley Fox commented
I keep trying to investigate these through our archiver and busting into the mailbox but can't really tell what's going on without knowing what the message(s) were that triggered this alert. It's a garbage alert as messages can be sent without showing up in the sent items if sent through other means like POP.
Jim Melcher commented
Me too. I think we get this occasionally when our HR specialist sends out all-company emails. Those emails aren't all in our domain, so it can probably look like spam, or a random sampling of her contact list.
I would like to see some information about the messages that have triggered the alert. +1
Grant Rutherford commented
100% agree, this is particularly relevant for shared mailbox alerts