Microsoft 365 Alert – Service Degradation – Exchange Online – Users’ legitimate inbound email messages containing specific URLs are being incorrectly marked as phish – RESOLVED

30/10/2024 15:06:00 PM

NHSmail Reference: INC46588636

Microsoft Reference: EX921449

Issue Status: RESOLVED

Issue Description: Users’ legitimate inbound email messages containing specific URLs are being incorrectly marked as phish.

Final Update: 04/11/2024 09:04:00 AM – Microsoft have successfully released the identified affected email messages and after monitoring the service, they have verified the issue is now resolved.

Scope of impact: Impact is specific to some users who are expecting to receive inbound email messages who are served through the affected infrastructure.

Root cause: Their automated anti-spam procedures is incorrectly blocking email messages that contain a specific URL, which is causing inbound email messages to be marked as phishing and quarantined due to a signature which is flagged as malicious.

Next steps: Microsoft are investigating how the recent rule set change in our automated anti-spam procedure was incorrectly blocking email messages containing certain types of URLs to prevent this problem from happening again.