ISSUE:
We often get support cases where Proofpoint scanned a message, and let it go through and got delivered to office365 (shows as delivered in the message log) but the message "dissapeared" afterwards. Usually it's because office365 did something with the email. Often it could just be it went to the office365 quarantine or the user's junk folder but the only way to ascertain this is to use the office365 message trace to answer the eternal "What happened to my Email?" question.
PROCESS:
First, login to office365 as an administrator and bring up the Microsoft Admin Control Center and then go to the microsoft exchange menu
Go to the mail flow section -> Message Trace -> Start a Trace
Specify the search criterions. If the issue is recent, narrow down the time window using the slider.
Click Search. You'll get a list of emails ... find the email you're looking from (based on from/to/timestamp) and click on it
Expand the "message events, each event can be expanded to see what happened in the mail flow.
This usually gives you the info that is missing post delivery from proofpoint. What happened to the email after proofpoint handed it off to office365.