Safe Attachments is not bypassed.

Why This Matters

Bypassing Safe Attachments creates a critical gap in your email protection against malicious file attachments. When administrators or specific users are allowed to bypass scanning, threat actors can exploit these exceptions to deliver ransomware, trojans, or other malware directly to inboxes. Without consistent enforcement, your organization's antimalware defenses become unreliable and harder to audit.

What Aether365 Checks

This check verifies that no mail flow rules or user-level settings are configured to bypass Safe Attachments scanning in Microsoft 365. The result appears in the Aether365 dashboard under microsoft-365 checks, identified as ORCA.189.

How to Fix

To ensure Safe Attachments is not bypassed, review and remove any custom mail flow rules or user exceptions that disable attachment scanning. Follow these steps: