Security News > 2023 > October > Microsoft disables bad spam rule flagging all sent emails as junk
Microsoft has disabled a bad anti-spam rule flooding Microsoft 365 admins' inboxes with blind carbon copies of outbound emails mistakenly flagged as spam.
This false positive issue affected Exchange Online users worldwide, with many reports saying that all emails sent to external addresses were being tagged as spam.
"We're investigating an issue resulting in admins receiving an unexpected volume of copies of outbound email sent to external parties from other users in their organization," the company said via its official Microsoft 365 Status account on Twitter.
"These duplicate notifications do not indicate actual re-delivery of the email messages themselves and were solely provided to correct notifications going to the spam mailbox. After extensive monitoring and follow-up analysis of our mitigation and replay efforts of the previously miscategorized spam messages, we've confirmed this issue has been resolved."
Admins aiming to ensure they won't have their mailbox filled with BCC spam the next time Microsoft 365 anti-spam rules act up can disable the "Send a copy of suspicious outbound" setting for the default outbound spam policy.
While Microsoft said it removed false-positive spam messages from quarantine in affected tenants, admins should also check if any users were added to the blocked senders list.
News URL
Related news
- Microsoft fixes Outlook email sending issue for users with many folders (source)
- Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Microsoft Outlook bug blocks email logins, causes app crashes (source)
- Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
- Microsoft 365 Admin portal abused to send sextortion emails (source)