Ensure Exchange Online Spam Policies are set to notify administrators
Why This Matters
When an attacker compromises a user account, they often use it to send large volumes of spam. If your organization lacks notification policies for blocked senders, you may not detect these breaches in a timely manner. Notifying administrators when a sender is blocked provides an early warning that allows you to investigate and remediate compromised accounts before they cause further damage.
What Aether365 Checks
Aether365 verifies that your Exchange Online outbound spam policy is configured to send copies of suspicious outbound messages and notify specified recipients when senders are blocked. This check appears in the Aether365 dashboard under the microsoft-365 checks category.
How to Fix
Using the Microsoft 365 Admin Center: