Office 365 identifying default Auth0 email templates as phishing. On multiple tenants

No matter what changes I make. It seems like all of my Auth0 outbound emails are going into quarantine for Office365 users. Sendgrid and Mandrill will both show the mail as delivered but it gets stopped at the Office365 server and sent to quarantine for “High Confidence Phishing”

Even using default Auth0 email templates and different email providers(sendgrid and mandrill). Emails are going into quarantine for what seems like only office 365 users. I could be wrong though.

Ive reached out to microsoft to help me pinpoint why. But they were unable to provide me with much assistance.

Can anyone point me in the right direction or provide any advice?
Thanks

Hey there!

The main tip is to ensure that SPF, DKIM and DMARC have been configured, as described here:

“The best way to deal with legitimate messages that are blocked by Microsoft 365 (false positives) that involve senders in your domain is to fully and completely configure the SPF, DKIM, and DMARC records in DNS for all of your email domains” : https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/tuning-anti-phishing?view=o365-worldwide .

The corresponding Auth0 doc for this can be found here: https://auth0.com/docs/auth0-email-services/customize-email-templates

Here is also on how to find and release quarantined messages: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/find-and-release-quarantined-messages-as-a-user?view=o365-worldwide

Apart from those two measures, there isn’t a lot that we can do at our end.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.