Microsoft is investigating an ongoing issue in Exchange Online that is incorrectly flagging legitimate emails as phishing attempts and placing them into quarantine.
The incident began on February 5 and continues to disrupt email delivery for affected customers.
In a service alert issued on Thursday, Microsoft said some users’ valid messages were being marked as phishing, preventing normal email flow. According to the company, the URLs in these emails were mistakenly flagged as malicious by automated detection systems designed to counter increasingly sophisticated spam and phishing techniques.
Over the weekend, Microsoft confirmed that the root cause is a newly introduced URL filtering rule. While the rule was intended to improve protection against advanced threats, it has instead resulted in legitimate emails being quarantined.
Microsoft has classified the problem as an incident, a designation typically used when customer impact is significant. Although the company has not disclosed how many organizations are affected or which regions are involved, users have reported issues sending and receiving emails across multiple tenants.
To mitigate the disruption, Microsoft said it is reviewing and releasing quarantined messages and working to ensure that legitimate URLs are removed from blocklists. Some affected users have already started to see previously quarantined emails reappear in their inboxes, though full remediation is still underway. An estimated resolution time has not yet been provided.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
