Domains are not being allow listed in an unsafe manner in Anti-Spam Policies.

Why This Matters

Allowing domains via anti-spam policy allow lists can inadvertently grant trusted status to malicious senders, bypassing critical spam filters. This increases the risk of phishing attacks, malware delivery, and email fraud reaching user inboxes. Administrators should carefully manage allow lists to avoid creating security gaps that attackers can exploit.

What Aether365 Checks

This control verifies that your anti-spam policies do not contain unsafe domain allow list entries that could permit unwanted or dangerous emails. It appears in the Aether365 dashboard under your Microsoft 365 security checks.