| Mail Bombing Detection technology in Microsoft Defender for Office 365 | ||||||
|---|---|---|---|---|---|---|
| ID | Workload | Category | Classification | Severity | Start Time | Last Updated |
| MC1096885 | Exchange Online Microsoft Defender XDR | Plan For Change | Updated message New feature Admin impact | normal | 17-Jun-2025 12:39 | 01-Jul-2025 11:17 |
|
Update: 01-Jul-2025 11:17 Updated July 1, 2025: We have updated the timeline below. Thank you for your patience. We're introducing a new detection capability in Microsoft Defender for Office 365 to help protect your organization from a growing threat known as email bombing. This form of abuse floods mailboxes with high volumes of email to obscure important messages or overwhelm systems. The new "Mail Bombing" detection will automatically identify and block these attacks, helping security teams maintain visibility into real threats. When this will happen: General Availability (Worldwide): We will begin rolling out in late June 2025 and expect to complete by early July 2025 (previously late July). How this affects your organization: Security Operations Analysts and Administrators will see a new detection type labeled Mail Bombing in the following locations:
This feature is on by default and requires no manual configuration. What you can do to prepare:
Compliance considerations:
| ||||||