Text of the alert:
1 outbound spam(s) caught for exampledomain.com between 08/26/2021 03:00 and 08/26/2021 04:00 Eastern Daylight Time
Meaning:
We detected at least one message from sender that was caught outbound at (timestamp) and classified as a spam.
Importance:
It really depends on the volume ...
Low Volume:
If it's a handful of emails, chances are it's a false-positive. Usually it means there's a combination of words in the email, or links included that point to possibly compromised websites. This is a fairly common thing that happens to new setups that get ironed out over time.
We go into details in this article: Good mail caught as spams (False-Positives).
Before setting up custom rules to allow messages outbound, it's always a good idea to report them to proofpoint first: Reporting False-Positives to proofpoint.
If you're unsure on how to deal with them, fell free to contact our support team.
High Volume:
You can tell by the number of messages caught outbound - if the alert tells you that hundreds or thousands of Emails are caught outbound, it probably means the user's account is compromised. You should at the very least change the password of the account. Reach out to our support team for more assistance.