Microsoft Technical Bulletins

The latest updates for all the Microsoft Products you use every day.

Microsoft Exchange Curtain Reveal Tech Bulletin Header

Written by Richard Quatier

My goal is to help your business by integrating processes that automate mundane tasks and simplify complex ones without breaking budgets.

July 25, 2022

Blog Home

Microsoft Defender for Office 365 Preset Security Policies

Exchange Online, Microsoft 365 Experts

From Microsoft Corporation
Technical Bulletin: MC388229 · Published Jun 3, 2022

Message Summary

We are making enhancements to Microsoft Defender for Office 365 preset security policies. It will provide a way to apply the policy to the entire organization and be able to optionally configure a list of custom users and custom domains to protect against impersonation attacks.

Impersonation protection applies to Microsoft Defender for Office 365 Plan 1 and Plan 2 & Microsoft 365 Defender

This message is associated with Microsoft 365 Roadmap ID 93262

When this will happen:

Standard: Rollout will begin in late June and be completed by late September

GCC/GCC-H/DoD: Rollout will begin in late August and be completed by late November

How this will affect your organization:

Security Admins and SecOps teams will be able to apply policy settings to all users of your organization using preset strict/standard policies, however, you can still select specific recipients. SecOps teams will be able to configure custom users and custom domains to protect against impersonation attacks. You will be able to provide a list of trusted senders and trusted domains that you want to allow to be impersonated and it won’t be flagged from such impersonated senders/domains.

Note: Within preset strict/standard policies, the impersonation protections for custom users and domains have always been available and turned ON until now. After this change, when there are custom users and domains added in the list, impersonation protection will be applied to incoming messages and will be quarantined.

What you need to do to prepare:

Review your existing Anti-Phishing policies within threat policies and consider creating/updating preset policies with custom users and/or custom domains to protect against impersonation attacks. We recommend updating your necessary training documents accordingly.

Learn More:


QuixTec provides this and other technical bulletins unaltered from Microsoft. As an authorized Microsoft Partner, we ensure that all our solutions we deliver to you include the latest Microsoft updates.

ABOUT US: QuixTec, LLC is a U.S. certified Veteran Owned, modern DevOps organization with experience in a plethora of IT Software Languages.  As a Microsoft Partner, we specialize in Discounted Microsoft Software Licensing, Microsoft SharePoint, Microsoft365 and HTML5 technologies for small to enterprise-sized organizations. Our dedication to IT excellence is evidenced through our PECB ISO Certification training center. The only PECB ISO authorized center in Washington State. QuixTec, implements and provides training for upcoming open-source digital marketing services that are taking the industry by storm. This solution, used by over 100,000 businesses, provides enterprise level marketing capabilities at startup rates. The founder, Richard, has 30 years of experience working with several notable companies that include World Vision, Expedia, Microsoft, Levi Strauss, NASA, Boeing Aerospace, Los Alamos National Laboratory, and the U.S. Air Force, to name a few.  QuixTec is in the Seattle area. Phone today for a free consultation and project estimate.

(425) 367-9025


SharePoint Development ServicesSharePoint Development - Custom Solution Development - Microsoft 365 Experts - Microsoft 365 - IT Staffing Services - WordPress Development Services - Form Email Validation - Microsoft Licensing - Mautic Open Source MarketingBest IT Staffing AgenciesIT Staffing Company  - PECB ISO Training and Certification

You May Also Like…