Office 365 is categorizing all Bitwarden emails as a phishing attempt

I have submitted them to MS, and added the "[email protected]" address to the safe senders list, but this is not best practice. If that email is spoofed, basically anything can get in, and spoofing that email seems like it could be a pretty high value target.

A search of the forums has some other examples of users not getting invite or confirmation emails as well.

I opened an issue at server level to easily track it:

Currently, Microsoft is marking some of our emails as possible phishing messages. We have reported this to Microsoft and are waiting on a response. In the meantime, please check your Quarantine. https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/find-and-release-quarantined-messages-as-a-user

You may want to add a rule to your Quarantine settings to allow emails from bitwarden.com until the issue is resolved.

I signed up for a new account yesterday. Same thing is happening on my Outlook.com premium account so Exchange Online Protection appears to be doing the same thing.
SPF and DKIM both pass.

BCL:0;
X-Microsoft-Antispam-Mailbox-Delivery abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ucf:0;jmr:0;ex:0;auth:1;dest:J;OFR:SpamFilterAuthJ;ENG:(5062000261)(5061607266)(5061608174)(4900115)(58390011)(98390011)(8390131)(8377080)(8386120)(4920090)(6382001)(4950130)(4990090)(9140004);RF:JunkEmail;
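
A sketch for triaging the header pasted in the last post, added here as an example (it is not code from the thread, from Bitwarden or from Microsoft). The readings of `auth`, `dest`, `RF` and the `*wl` fields are assumptions inferred from the thread, and the second sample is constructed.

```python
import re

HEADER = "X-Microsoft-Antispam-Mailbox-Delivery"

# Value as pasted in the post above.
SAMPLE = (
    "abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ucf:0;jmr:0;ex:0;auth:1;"
    "dest:J;OFR:SpamFilterAuthJ;ENG:(5062000261)(5061607266)(5061608174)"
    "(4900115)(58390011)(98390011)(8390131)(8377080)(8386120)(4920090)"
    "(6382001)(4950130)(4990090)(9140004);RF:JunkEmail;"
)
# Constructed sample: an allow-list flag set and inbox delivery.
CONSTRUCTED = HEADER + ": abwl:0;wl:1;ucf:0;auth:0;dest:I;"


def parse_delivery_header(value):
    """Split 'key:value;' pairs; '(a)(b)' values become a list of strings."""
    # Accept the bare value or a pasted line with the header name (colon optional).
    value = re.sub(r"^\s*" + re.escape(HEADER) + r":?\s*", "", value, flags=re.I)
    fields = {}
    for part in filter(None, (p.strip() for p in value.split(";"))):
        key, sep, val = part.partition(":")
        if not sep or not key.strip():
            raise ValueError(f"malformed field: {part!r}")
        val = val.strip()
        fields[key.strip()] = re.findall(r"\(([^()]*)\)", val) if val.startswith("(") else val
    return fields


def triage(fields):
    """Flag the two cases discussed in the thread (field meanings assumed)."""
    findings = []
    allow = sorted(k for k, v in fields.items() if k.endswith("wl") and v != "0")
    junked = fields.get("dest") == "J" or fields.get("RF") == "JunkEmail"
    if junked and fields.get("auth") == "1":
        findings.append("authenticated-but-junked")
    if junked and not allow:
        findings.append("no-allow-list-hit")
    if allow:
        # An allow-list override applied: check the message's
        # Authentication-Results before trusting the sender address.
        findings.append("allow-list-hit:" + ",".join(allow))
    return findings


if __name__ == "__main__":
    for raw in (SAMPLE, CONSTRUCTED):
        print(triage(parse_delivery_header(raw)))
```
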