Domains are not being allow listed in an unsafe manner in Transport Rules.

Why This Matters

Overly permissive transport rules that allowlist entire domains can bypass critical security filters, exposing your organization to spam, phishing, and malware. If an attacker gains control of an allowlisted domain, they can send malicious messages directly to user inboxes without being scanned. Admins should regularly audit transport rules to ensure only trusted, specific senders are allowlisted.

What Aether365 Checks

This check verifies that no transport rules in Exchange Online are allowlisting entire domains in a way that could weaken email security. It appears in the Aether365 dashboard under microsoft-365 checks.