Status Page

2026-04-06	Status	Description
10:09 AM		Title: Users are unable to send internal email messages that include attachments with the .ewf extension in Exchange Online User impact: Users were unable to send internal email messages that included attachments with the .ewf extension in Exchange Online. More info: When users attempted to send internal email messages that included attachments with the .ewf extension, they received a Non-Delivery Report (NDR) that stated: "550;5.0.350;Requested action not taken: policy violation detected (AS345)" Final status: We've deployed a fix that reversed the offending signature update and confirmed through service health monitoring that the impact is remediated. Scope of impact: Your organization was affected by this event, and any user that attempted to send internal email messages that include attachments with the .ewf extension in Exchange Online was impacted. Start time: Thursday, April 2, 2026, at 3:00 PM AST End time: Friday, April 3, 2026, at 12:00 PM AST Root cause: A recent signature update used by our anti-malware scanning engine introduced an unintended issue, which resulted in some email messages being incorrectly flagged with policy violation errors and were rejected during processing. Next steps: - We're reviewing our signature update testing and validation procedures to identify and prevent email messages from being needlessly blocked in deployments moving forward.
10:06 AM		User impact: Users are unable to send internal email messages that include attachments with the .ewf extension in Exchange Online. Current status: We've identified a recent signature update used by the antimalware scanning engine has introduced an unintended issue, resulting in some email messages being incorrectly flagged with policy violation errors and subsequently rejected during processing. We've validated and are deploying a code fix to update and correct the signature. Scope of impact: Your organization is affected by this event, and users attempting to send internal email messages that include attachments with the .ewf extension in Exchange Online are impacted. Start time: Thursday, April 2, 2026, at 3:00 PM AST Root cause: A recent signature update used by the antimalware scanning engine has introduced an unintended issue, resulting in some emails being incorrectly flagged with policy violation errors and subsequently rejected during processing. Next update by: Friday, April 3, 2026, at 12:30 PM AST
08:17 AM		User impact: Users may be intermittently unable to access their Exchange Online mailboxes in some connection methods. More info: This issue may intermittently impact some users who attempted to access the Exchange Online service through the Outlook mobile apps or the new Outlook for Mac desktop client. Current status: We've received reports from affected tenants that the impact scenario originally communicated through SHD EX1256020 is still ongoing. We're working to restart the Notification Broker service on affected portions of Exchange Online service infrastructure to remediate impact while we continue our analysis into the underlying root cause. Scope of impact: Impact may occur intermittently for some users accessing their Exchange Online mailboxes in the Outlook mobile apps or the new Outlook for Mac desktop client. This section may be updated as our investigation progresses. Next update by: Thursday, April 2, 2026, at 7:30 PM AST

10:09 AM

Title: Users are unable to send internal email messages that include attachments with the .ewf extension in Exchange Online

User impact: Users were unable to send internal email messages that included attachments with the .ewf extension in Exchange Online.

More info: When users attempted to send internal email messages that included attachments with the .ewf extension, they received a Non-Delivery Report (NDR) that stated: "550;5.0.350;Requested action not taken: policy violation detected (AS345)"
Final status: We've deployed a fix that reversed the offending signature update and confirmed through service health monitoring that the impact is remediated.
Scope of impact: Your organization was affected by this event, and any user that attempted to send internal email messages that include attachments with the .ewf extension in Exchange Online was impacted.

Start time: Thursday, April 2, 2026, at 3:00 PM AST
End time: Friday, April 3, 2026, at 12:00 PM AST

Root cause: A recent signature update used by our anti-malware scanning engine introduced an unintended issue, which resulted in some email messages being incorrectly flagged with policy violation errors and were rejected during processing.

Next steps:
- We're reviewing our signature update testing and validation procedures to identify and prevent email messages from being needlessly blocked in deployments moving forward.

10:06 AM

User impact: Users are unable to send internal email messages that include attachments with the .ewf extension in Exchange Online.

Current status: We've identified a recent signature update used by the antimalware scanning engine has introduced an unintended issue, resulting in some email messages being incorrectly flagged with policy violation errors and subsequently rejected during processing. We've validated and are deploying a code fix to update and correct the signature.

Scope of impact: Your organization is affected by this event, and users attempting to send internal email messages that include attachments with the .ewf extension in Exchange Online are impacted.

Start time: Thursday, April 2, 2026, at 3:00 PM AST

Root cause: A recent signature update used by the antimalware scanning engine has introduced an unintended issue, resulting in some emails being incorrectly flagged with policy violation errors and subsequently rejected during processing.

Next update by: Friday, April 3, 2026, at 12:30 PM AST

08:17 AM

User impact: Users may be intermittently unable to access their Exchange Online mailboxes in some connection methods.

More info: This issue may intermittently impact some users who attempted to access the Exchange Online service through the Outlook mobile apps or the new Outlook for Mac desktop client.

Current status: We've received reports from affected tenants that the impact scenario originally communicated through SHD EX1256020 is still ongoing. We're working to restart the Notification Broker service on affected portions of Exchange Online service infrastructure to remediate impact while we continue our analysis into the underlying root cause.

Scope of impact: Impact may occur intermittently for some users accessing their Exchange Online mailboxes in the Outlook mobile apps or the new Outlook for Mac desktop client. This section may be updated as our investigation progresses.
Next update by: Thursday, April 2, 2026, at 7:30 PM AST