Calendar Invites Bypassing INKY

Written By Matt Sywulak

Last updated 4 months ago

Q: Why are spam and phishing calendar invites getting through INKY without banners?

A: The most common cause is your Special Message Types setting for calendar invites. If set to "Only modify Danger-level messages" (the default recommendation), users won't see banners on Caution or Neutral threats—which means they can't report them either.

Quick Fix

Navigate to Admin Center > Analysis > Markup Settings > Special Message Types

Change Meeting requests / calendar notifications from "Only modify Danger-level messages" to "Modify all messages"

This ensures banners appear on ALL calendar invites, including lower-threat-level spam that users need to see and report.

Other Common Causes

Bypass Rules

Check if your Exchange transport rules skip INKY analysis for calendar invites. These rules add X-IPW-Ignore: True headers, creating a blind spot.

Fix: Remove global calendar bypasses or limit them to trusted senders only (Calendly, Zoom, etc.). See Bypass INKY Protection for Specific Email.

Spam Engine Settings

Ensure INKY's spam detection is enabled and sensitivity is appropriate.

  1. Verify spam engine is enabled in Admin Center > Analysis

  2. Enable upstream spam classification (uses M365/Google results)

  3. Gradually increase sensitivity if needed

Trade-offs

Setting calendar invites to "Modify all messages" means legitimate meeting requests will show gray or blue banners. This is intentional—external calendar invites should be verified before accepting, and banners help users report suspicious ones.