Cisco Secure Email Threat Defense FAQ

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents

Find Matches in This Book

Results

Updated:: March 25, 2024

Chapter: Secure Email Threat Defense and Microsoft 365

Does Secure Email Threat Defense honor senders or domains from an allow list in Microsoft 365?
Does Secure Email Threat Defense honor actions my users take on Junk mail in Outlook?
What is the journaling size limit?
Why aren’t all of my domains showing in Secure Email Threat Defense?
Where can I find more information about journaling in Microsoft 365?

Secure Email Threat Defense and Microsoft 365

Does Secure Email Threat Defense honor senders or domains from an allow list in Microsoft 365?

Yes. Secure Email Threat Defense honors senders and domains added to your spam filter allow lists in Microsoft 365 for Spam and Graymail messages. MS Allow lists are not honored for Malicious or Phishing verdicts.

In the classic Exchange admin center, this is accessible from Exchange admin center > protection > spam filter.

In the new Microsoft 365 security center, you can access this setting here: https://security.microsoft.com/antispam

Because of some recent changes to Microsoft’s MSAllowList header, Microsoft Allow lists are not always honored by Secure Email Threat Defense if your organization allows individual users to configure allow lists in their mailbox and a message happens to fall in a user’s allow list. If you want Secure Email Threat Defense to honor these settings, select the Do not remediate Microsoft Safe Sender messages with Spam or Graymail verdicts check box on the Policy page. Safe Sender flags are respected for Spam and Graymail verdicts, but are not respected for Threat verdicts. That is, Safe Sender messages with Spam or Graymail verdicts will not be remediated.

Does Secure Email Threat Defense honor actions my users take on Junk mail in Outlook?

Users may mark email using the Outlook Junk options, such as Never Block Sender or Add to Safe Senders. If you want Secure Email Threat Defense to honor these settings, select the Do not remediate Microsoft Safe Sender messages with Spam or Graymail verdicts check box on the Policy page. Safe Sender flags are respected for Spam and Graymail verdicts, but are not respected for Threat verdicts. That is, Safe Sender messages with Spam or Graymail verdicts will not be remediated.

What is the journaling size limit?

Any message over 150 MB will not be journaled by Microsoft 365.

Why aren’t all of my domains showing in Secure Email Threat Defense?

Secure Email Threat Defense imports domains with email capabilities associated with your tenant. If a domain does not have email capabilities, it is not shown in Secure Email Threat Defense.

Where can I find more information about journaling in Microsoft 365?

Refer to the Microsoft documentation: https://docs.microsoft.com/en-us/exchange/security-and-compliance/ journaling/journaling

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)