Welcome to our guide on implementing a crucial recommendation from Microsoft Defender Secure Score: Ensuring that mailbox intelligence is enabled. In today’s digitally interconnected world, email remains a primary conduit for communication, but it’s also a prime target for cyber threats. By enabling mailbox intelligence, organizations can harness the power of advanced threat detection mechanisms to bolster their email security posture. 

Note: “Recommended action” Remediations as identified by “Microsoft 365 admin center Portal (https://portal.microsoft.com) \ Security \ Secure score \ Recommended actions” in a pristine baseline environment.

Rank Recommended action

98 Ensure that mailbox intelligence is enabled

Microsoft Security Score

Before Mitigation:

A black text with black letters Description automatically generated

After Mitigation:

A black text with black text Description automatically generated

Secure Score Improvement: +0.76%



Turns on artificial intelligence (AI) that identifies users’ email patterns with their frequent contacts to spot potential phishing attempts.

Implementation status

100% of users are affected by policies that are configured securely

  • Strict Preset Security Policy1705599884817 – 1 users (100%)




You have Microsoft Defender for Office 365 P1.

Next steps

Ensure that all users have an assigned anti-phishing policy with the ‘Enable mailbox intelligence’ option enabled, by either updating your existing policies or creating new ones.

Learn more

Anti-phishing policies | Microsoft Learn