Problem: Internal email messages in Exchange Online are improperly handled as spam
by the
Advanced Spam Protection security filter, ignoring the administrator-configured settings
In an Advanced Threat Protection policy for Exchange Online, the administrator can
configure how to handle their internal email messages by the Trend Micro Antispam
Engine as
follows:
-
To have Cloud App Security not scan internal messages, set the security filter to apply only to Incoming messages.
-
To have Cloud App Security scan internal messages but not take configured actions if they fall into other spam, set the security filter to apply to All messages and select Pass all the messages sent from internal domains if detected as other spam in the Action section.
However, Cloud App Security does more in the back end, for example, Sender Policy Framework
(SPF) setting and email header checks, to identify fake internal emails. Therefore,
upon the
above settings, if some internal messages of your organization are still handled as
other
spam, you can check the affected messages for further actions. For more information
about
how to proceed with this issue, see https://success.trendmicro.com/solution/000253191.