Comments on: How End-users Can Bypass Exchange Online Protection https://practical365.com/how-end-users-can-bypass-exchange-online-protection/ Practical Office 365 News, Tips, and Tutorials Wed, 31 Jul 2024 17:26:29 +0000 hourly 1 https://wordpress.org/?v=6.6.1 By: <div class="apbct-real-user-wrapper"> <div class="apbct-real-user-author-name">Thijs Lecomte</div> <div class="apbct-real-user-badge" onmouseover=" let popup = document.getElementById('apbct_trp_comment_id_297453'); popup.style.display = 'inline-flex'; "> <div class="apbct-real-user-popup" id="apbct_trp_comment_id_297453"> <div class="apbct-real-user-title"> <p class="apbct-real-user-popup-header">The Real Person!</p> <p class="apbct-real-user-popup-text">Author <b>Thijs Lecomte</b> acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.</p> </div> </div> </div> </div> https://practical365.com/how-end-users-can-bypass-exchange-online-protection/#comment-297453 Wed, 31 Jul 2024 17:26:29 +0000 https://practical365.com/?p=59357#comment-297453 In reply to Gary.

It depends on how you setup your transport rule, but yes it is possible.
This is able to override the SCL verdict.

]]> By: Gary https://practical365.com/how-end-users-can-bypass-exchange-online-protection/#comment-297228 Wed, 24 Jul 2024 20:14:47 +0000 https://practical365.com/?p=59357#comment-297228 In reply to Thijs Lecomte.

Does this includes any rules to may have created? If we created a rule to quarantine any from the domain @practical365.com, but a user had added john@practical365.com to their safesenders list, it would be delivered.

]]> By: Thijs Lecomte https://practical365.com/how-end-users-can-bypass-exchange-online-protection/#comment-285331 Mon, 08 Jan 2024 18:50:16 +0000 https://practical365.com/?p=59357#comment-285331 In reply to Keith.

The requirement is removed if those 3rd party systems send emails to their own quarantaine, instead of O365. If they are still sent to O365, this is still applicable

]]> By: Keith https://practical365.com/how-end-users-can-bypass-exchange-online-protection/#comment-285054 Thu, 04 Jan 2024 07:50:38 +0000 https://practical365.com/?p=59357#comment-285054 If using a 3rd party Email filtering system such as mimecast/proffpoint/ barracuda etc this could be controlled at that level. So would it still be worth implementing this when using such services with Exchange Online? Thanks

]]> By: <div class="apbct-real-user-wrapper"> <div class="apbct-real-user-author-name">Thijs Lecomte</div> <div class="apbct-real-user-badge" onmouseover=" let popup = document.getElementById('apbct_trp_comment_id_278649'); popup.style.display = 'inline-flex'; "> <div class="apbct-real-user-popup" id="apbct_trp_comment_id_278649"> <div class="apbct-real-user-title"> <p class="apbct-real-user-popup-header">The Real Person!</p> <p class="apbct-real-user-popup-text">Author <b>Thijs Lecomte</b> acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.</p> </div> </div> </div> </div> https://practical365.com/how-end-users-can-bypass-exchange-online-protection/#comment-278649 Wed, 25 Oct 2023 18:15:14 +0000 https://practical365.com/?p=59357#comment-278649 In reply to Darren DeHaven.

I 100% agree, there were multiple controls that weren’t in place.

]]> By: Darren DeHaven https://practical365.com/how-end-users-can-bypass-exchange-online-protection/#comment-278523 Tue, 24 Oct 2023 16:17:58 +0000 https://practical365.com/?p=59357#comment-278523 In your use case, the real issue is they need to block all external messages that list their internal domain in the from field, way before it gets to the user.

]]>