Solved: Hello - we are getting alerts as of about 2 weeks ago, about "Phish emails allowed" in our O365 domain, and wanted to get some input from the experts out there.

Hello - we are getting alerts as of about 2 weeks ago, about "Phish emails allowed" in our O365 domain, and wanted to get some input from the experts out there. Here is a copy of one of the 7 alerts received:

Severity

Informational

Time (UTC -05:00)

Sep 7, 2021 11:25:42 PM

Threat type

Spam, Phish and Malicious

Hit count

Details

This alert fires when message containing phish was delivered due to an IP allow policy. -V1.0.0.3By the time this alert was triggered, the following 1 user received Spam, Phish and Malicious mail matching the conditions of your alert policy:info-europe@laco.comThis alert was triggered by theAnti-spam Policy : Connection filter policy

View message list

Status

Active

Comments

New alert

When I try to "View message" it shows me nothing there. So first question is where do I see the IP allow policy, and 2) why is the message gone for each one when I try to see what email tripped it?

Thanks for your help.
Damian

Hello - we are getting alerts as of about 2 weeks ago, about &quot;Phish emails allowed&quot; in our O365 domain, and wanted to get some input from the experts out there.

Hello - we are getting alerts as of about 2 weeks ago, about "Phish emails allowed" in our O365 domain, and wanted to get some input from the experts out there.