ORCA.232 - Each domain has a malware filter policy applied to it, or the default policy is being used.
Overview
Exchange Online Protection malware filter policies are applied using rules. The default policy applies in the absence of a custom policy. When creating custom policies, there may be duplication of settings and depending on the rules and priority, some policies or settings may not even apply. It's important in this circumstance to check that the desired settings are applied to the right users.
Remediation action
Check your malware filter policies for duplicate rules. Some policies and settings may not be applying.
Related Links
Test Metadata
| Field | Value |
|---|---|
| Test ID | ORCA.232 |
| Severity | High |
| Suite | ORCA |
| Category | EXO |
| PowerShell test | Test-ORCA232 |
| Tags | EXO, ORCA, ORCA.232 |
Source
- Pester test:
tests/orca/Test-ORCA232.Tests.ps1 - PowerShell source:
powershell/public/orca/Test-ORCA232.ps1