Ensure the connection filter safe list is off (Only Checks Default Policy)

Why This Matters

Connection filter safe lists allow trusted senders to bypass Exchange Online Protection (EOP) spam filtering. If the safe list is enabled in your default connection filter policy, malicious senders or compromised domains could exploit this exception to deliver phishing emails or malware directly to user inboxes. Disabling this feature ensures all inbound messages are consistently filtered, reducing your organization’s risk of email-borne attacks.

What Aether365 Checks

Aether365 verifies that the safe list is disabled in the default connection filter policy within your Microsoft 365 tenant. This check appears in the Aether365 dashboard under the microsoft-365 checks category.