Defender for Office blocks mail from a known sender
Safe Links or Safe Attachments scored it as suspicious. Find out why first, then decide on an exception.
Try this first
- 1Open the Defender portal, Email & collaboration, then Explorer. Find the message and drill into detection details.
- 2Read the reason: phish confidence, malware detection, or impersonation. An impersonation hit on a legitimate partner happens more often than you think.
- 3Ask the sender to verify their SPF, DKIM and DMARC. If those are loose, Defender is right to be suspicious.
- 4Only add a Tenant Allow/Block List entry once the cause is clear, not as a reflex. A broad allow undermines the entire filter.
When to bring us in
For repeated false positives from the same partner, the fix usually lives on their end (DNS records). We can mediate or take over Defender policy tuning.
See also
- Outlook crashes or freezes on large attachmentsUsually the mailbox cache is the culprit, not Outlook itself. Shrinking or relocating usually helps within ten minutes.
- Teams: they cannot hear me, or I hear nothingIn our experience Teams usually picked the wrong audio device after a Windows update or a new headset.
- OneDrive has stopped syncingThe cloud icon is grey or has a warning. Locally changed files are not showing up for colleagues.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.