question

Sree20212021 avatar image
0 Votes"
Sree20212021 asked Sree20212021 commented

question on policy

how the phishing policy handles internal domains? Could someone explain in detail

office-exchange-online-itprooffice-exchange-server-mailflowoffice-exchange-server-connectivity
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @JustinMicheal-7973

Have you checked the suggestion below? Any update about this question?

1 Vote 1 ·

1 Answer

joyceshen-MSFT avatar image
0 Votes"
joyceshen-MSFT answered Sree20212021 commented

Hi @JustinMicheal-7973

We could refer to the introduction of anti-phishing policy in the official document.

By default, no sender domains are configured for impersonation protection in Enable domains to protect. Therefore, by default, no sender domains are covered by impersonation protection, either in the default policy or in custom policies.

When you add domains(domains you own or partner domains) to the Enable domains to protect list, messages from senders in those domains are subject to impersonation protection checks. The message is checked for impersonation if the message is sent to a recipient that the policy applies to (all recipients for the default policy; Users, groups, and domains recipients in custom policies). If impersonation is detected in the sender's domain, the impersonation protection actions for domains are applied to the message (what to do with the message, whether to show impersonated users safety tips, etc.).

And if you want to know more about how EOP backend handles internal domain, I would suggest you open a service request to get more information.


If an Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @JustinMicheal-7973

IIs there any update about your issue?

For the anti-phishing policy, upon checking if it's internal, it will skip but there's anti spoofing under anti phishing if your domain is imitating by other users outside organization.


If an Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


1 Vote 1 ·

Thanks a ton

0 Votes 0 ·