[Resolved] Proofpoint Essentials: Legitimate Emails being quarantined as Phish February 10, 2025

12 February 2025, 12:00 UTC

All remediation work has now been completed and all stacks have returned to normal service

No further updates will be provided

12 February 2025, 11:00 UTC

Our cross-functional teams have successfully implemented remediation efforts, resolving this issue for customers in the US (1-5) and EU regions.Customers in these regions should no longer experience any impact, and normal operations have been fully restored.Work continues toward fully resolving the issue in all remaining regions. We appreciate your patience and will provide further updates as they become available.

If you have any further issues/questions please contact support

12 February 2025, 08:00 UTC

Our cross-functional teams continue to investigate remediation efforts on this with no ETA yet. Once an ETA becomes available, Proofpoint will be sure to share it.
Customers continue to remain able to release impacted mail via the Essentials interface at this time.

12 February 2025, 04:30 UTC

Our cross-functional teams continue to investigate remediation efforts on this with no ETA yet. Once an ETA becomes available, Proofpoint will be sure to share it.
Customers continue to remain able to release impacted mail via the Essentials interface at this time.

12 February 2025, 01:30 UTC

Proofpoint will continue to work through these as they are identified internally or through false-positive submission. At this time, reporting an observed false positive is the best path to resolution of an impacted URL.

Our cross-functional teams continue to investigate and testing remediation efforts on this with no ETA yet. Customers continue to remain able to release impacted mail via the Essentials interface at this time.

11 February 2025, 21:30 UTC

Proofpoint will continue to work through these as they are identified internally or through false-positive submission. At this time, reporting an observed false positive is the best path to resolution of an impacted URL.Our cross-functional teams continue to investigate remediation efforts on this with no ETA yet. Customers continue to remain able to release impacted mail via the Essentials interface at this time.

11 February 2025, 19:30 UTC

No new impact has been found at this time. While all known impacted URLs have been addressed, some additional URLs continue to be identified for action. Proofpoint will continue to work through these as they are identified internally or through false-positive submission. At this time reporting an observed false positive is the best path to resolution of an impacted URL.

• If any URLs are still found to be blocked, please raise a support ticket
• If you have identified any unintended deliveries, please raise a support ticket

Our cross-functional teams continue to investigate remediation efforts on this with no ETA yet. Customers continue to remain able to release impacted mail via the Essentials interface at this time.

11 February 2025, 18:10 UTC

Our cross-functional teams continue to investigate remediation efforts on this with no ETA yet. Impacted URLs have been addressed at this point. Customers continue to remain able to release impacted mail via the Essentials interface at this time.

11 February 2025, 14:00 UTC

Impacted URLs have been addressed at this point. Our internal teams are reviewing impacted mails that were quarantined. Customers are also able to release impacted mail via the UI at this time.

11 February 2025, 10:10 AM UTC

Work on correcting impacted URLs continues. All internal Proofpoint teams are working on this issue.