Security News > 2023 > October > Microsoft disables bad spam rule flagging all sent emails as junk
Microsoft has disabled a bad anti-spam rule flooding Microsoft 365 admins' inboxes with blind carbon copies of outbound emails mistakenly flagged as spam.
This false positive issue affected Exchange Online users worldwide, with many reports saying that all emails sent to external addresses were being tagged as spam.
"We're investigating an issue resulting in admins receiving an unexpected volume of copies of outbound email sent to external parties from other users in their organization," the company said via its official Microsoft 365 Status account on Twitter.
"These duplicate notifications do not indicate actual re-delivery of the email messages themselves and were solely provided to correct notifications going to the spam mailbox. After extensive monitoring and follow-up analysis of our mitigation and replay efforts of the previously miscategorized spam messages, we've confirmed this issue has been resolved."
Admins aiming to ensure they won't have their mailbox filled with BCC spam the next time Microsoft 365 anti-spam rules act up can disable the "Send a copy of suspicious outbound" setting for the default outbound spam policy.
While Microsoft said it removed false-positive spam messages from quarantine in affected tenants, admins should also check if any users were added to the blocked senders list.