Policy priorities
In organizations using Microsoft 365 with Exchange Online mailboxes, or those under standalone EOP without such mailboxes, incoming emails may encounter several protective measures. These include anti-spoofing safeguards, which are accessible to all Microsoft 365 users, and impersonation defense, exclusive to Microsoft Defender for Office 365 subscribers. Furthermore, each message undergoes a series of detection processes aimed at identifying malware, spam, phishing, and more. Amid these processes, it’s easy to get puzzled over which policy takes precedence. Although it’s feasible to prioritize policies within the same category, it’s crucial to note that EOP and Defender for Office 365 adhere to a fixed sequence of protection processing. This sequence, which cannot be altered, establishes the order in which different types of defenses are applied. It’s important to understand that when examining this order, protections labeled with high...
