Microsoft 365 Alert – Service Degradation – Exchange Online – Users were unable to send internal email messages that included attachments with the .ewf extension in Exchange Online – RESOLVED

06/04/2026 08:45:00 AM

NHSmail Reference: INC46790526

Microsoft Reference: EX1269486

Issue Status: RESOLVED

Issue Description: Users were unable to send internal email messages that included attachments with the .ewf extension in Exchange Online.

More info: When users attempted to send internal email messages that included attachments with the .ewf extension, they received a Non-Delivery Report (NDR) that stated: “550;5.0.350;Requested action not taken: policy violation detected (AS345)”

Current Update: 06/04/2026 08:45:00 AM–Microsoft has deployed a fix that reversed the offending signature update and confirmed through service health monitoring that the impact is remediated.

Scope of impact: Your organization was affected by this event, and any user that attempted to send internal email messages that include attachments with the .ewf extension in Exchange Online was impacted.

Root cause: A recent signature update used by their anti-malware scanning engine introduced an unintended issue, which resulted in some email messages being incorrectly flagged with policy violation errors and were rejected during processing.

Next steps: Microsoft are reviewing their signature update testing and validation procedures to identify and prevent email messages from being needlessly blocked in deployments moving forward.