WithSecure Elements emails to Office365 recipients treated as Bulk by Microsoft filtering with a BCL score of 7

Incident Report for WithSecure services

Resolved

This incident has been resolved.

Posted Feb 21, 2023 - 10:22 UTC

Monitoring

Microsoft has reduced our Bulk Complaint Level (BCL) score to 3 or less. We continue to monitor the situation.

Posted Feb 15, 2023 - 12:53 UTC

Identified

Some invitation or alert emails sent from withsecure.com domain address (no-reply@withsecure.com) are considered as BULK emails in MS Exchange Online Protection / O365 filtering.
Microsoft EOP (Exchange Online Protection) is treating our device & user invitation emails as BULK with a BCL score of 7 which is the default threshold in Exchange Online Protection / O365 when these get quarantined to admin only quarantine (Not available for release in user managed quarantine view).

At least these WithSecure emails are affected:
-Account creation / password reset for WithSecure Elements
-Account creation for WithSecure Partner Portal
-Security Event alerts
-New Device Installations links for WithSecure Elements

Emails sent by WithSecure Elements Endpoint Detection and Response are not affected.

We recommend administrators to implement the workaround shared in our knowledge base if having this issue:
https://community.withsecure.com/en/kb/articles/29713-emails-sent-from-elements-portal-do-not-arrive-to-the-recipient-user-and-are-sent-to-spam-or-quarantined

We are working continuously with Microsoft to remediate the situation.

More information on Bulk complaint level (BCL) values is available at Microsoft:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-spam-bulk-complaint-level-bcl-about?view=o365-worldwide

Posted Feb 09, 2023 - 10:44 UTC

This incident affected: WithSecure Elements Endpoint Protection (Portal).