ORCA.124 - Safe attachments unknown malware response set to block messages.
Overview
When Safe attachments unknown malware response set to block, Microsoft Defender for Office 365 prevents current and future messages with detected malware from proceeding and sends messages to quarantine in Office 365.
Remediation action
Set Safe attachments unknown malware response to block messages.
Related Links
- Microsoft 365 Defender Portal - Safe attachments
- Recommended settings for EOP and Microsoft Defender for Office 365 security
Test Metadata
| Field | Value |
|---|---|
| Test ID | ORCA.124 |
| Severity | High |
| Suite | ORCA |
| Category | EXO |
| PowerShell test | Test-ORCA124 |
| Tags | EXO, ORCA, ORCA.124 |
Source
- Pester test:
tests/orca/Test-ORCA124.Tests.ps1 - PowerShell source:
powershell/public/orca/Test-ORCA124.ps1