I am receiving the following alert for an internal address:
Potentially compromised account. Anomalous sending patterns were detected resulting in the user being restricted from sending mail
Ironically, it’s my alerts@ address. It’s sending multiple external emails to cell phone addresses (@vtext.com, etc).
I have unblocked the address a few times following the directions here, but it keeps getting flagged again. How can I whitelist this address so it does not trigger this policy?
Based on my knowledge, the EOP will block the mailbox who sends mails too much email too quickly via Outbound spam protection in EOP. Here’s a detailed explanation on why Exchange Online Protection Blocks Email Senders