Removed "if the xxx isn't submitted again"

Author: chrisda

defender-office-365/defender-for-office-365-whats-new.md

@@ -41,7 +41,7 @@ For more information on what's new with other Microsoft Defender security produc
 
 ## July 2024
 
-- **45 days after last used date**: The value **Remove allow entry after** \> **45 days after last used date** is now the default on new allow entries from submissions and existing allow entries in the [Tenant Allow/Block List](tenant-allow-block-list-about.md). The allow entry is triggered and the **LastUsedDate** property is updated when the entity is encountered and identified as malicious during mail flow or at time of click. After the filtering system determines that the entity is clean, and if the entity isn't submitted again, the allow entry is automatically removed after 45 days. By default, allow entries for spoofed senders never expire.
+- **45 days after last used date**: The value **Remove allow entry after** \> **45 days after last used date** is now the default on new allow entries from submissions and existing allow entries in the [Tenant Allow/Block List](tenant-allow-block-list-about.md). The allow entry is triggered and the **LastUsedDate** property is updated when the entity is encountered and identified as malicious during mail flow or at time of click. After the filtering system determines that the entity is clean, the allow entry is automatically removed after 45 days. By default, allow entries for spoofed senders never expire.
 
 - (GA) Learning hub resources have moved from the Microsoft Defender portal to [learn.microsoft.com](https://go.microsoft.com/fwlink/?linkid=2273118). Access Microsoft Defender XDR Ninja training, learning paths, training modules and more. Browse the [list of learning paths](/training/browse/?products=m365-ems-cloud-app-security%2Cdefender-for-cloud-apps%2Cdefender-identity%2Cm365-information-protection%2Cm365-threat-protection%2Cmdatp%2Cdefender-office365&expanded=m365%2Coffice-365), and filter by product, role, level, and subject. 
 

defender-office-365/submissions-admin.md

@@ -288,7 +288,7 @@ After a few moments, the block entry is available on the **URL** tab on the **Te
 
        For spoofed senders, this value is meaningless, because entries for spoofed senders never expire.
 
-       When **45 days after last used date** is selected, the last used date of the allow entry is updated when the malicious email message is encountered during mail flow. The allow entry is kept for 45 days after the filtering system determines that the email message is clean, and if the email message isn't submitted again.
+       When **45 days after last used date** is selected, the last used date of the allow entry is updated when the malicious email message is encountered during mail flow. The allow entry is kept for 45 days after the filtering system determines that the email message is clean.
 
      - **Allow entry note (optional)**: Enter optional information about why you're allowing this item. For spoofed senders, any value you enter here isn't shown in the allow entry on the **Spoofed senders** tab on the **Tenant Allow/Block Lists** page.
 
@@ -348,7 +348,7 @@ After a few moments, the associated allow entries appear on the **Domains & addr
        - **30 days**
        - **Specific date**: The maximum value is 30 days from today.
 
-       When **45 days after last used date** is selected, the last used date of the allow entry is updated when the malicious email attachment is encountered during mail flow. The allow entry is kept for 45 days after the filtering system determines that the email attachment is clean, and if the email attachment isn't submitted again.
+       When **45 days after last used date** is selected, the last used date of the allow entry is updated when the malicious email attachment is encountered during mail flow. The allow entry is kept for 45 days after the filtering system determines that the email attachment is clean.
 
      - **Allow entry note (optional)**: Enter optional information about why you're allowing this item.
 
@@ -406,7 +406,7 @@ For URLs reported as false positives, we allow subsequent messages that contain
        - **30 days**
        - **Specific date**: The maximum value is 30 days from today.
 
-       When **45 days after last used date** is selected, the last used date of the allow entry is updated when the malicious URL is encountered during mail flow. The allow entry is kept for 45 days after the filtering system determines that the URL is clean, and if the URL isn't submitted again.
+       When **45 days after last used date** is selected, the last used date of the allow entry is updated when the malicious URL is encountered during mail flow. The allow entry is kept for 45 days after the filtering system determines that the URL is clean.
 
      - **Allow entry note (optional)**: Enter optional information about why you're allowing this item.
 
@@ -1100,7 +1100,7 @@ In the **Submit to Microsoft for analysis** flyout that opens, do the following
         - **30 days**
         - **Specific date**: The maximum value is 30 days from today.
 
-       When **45 days after last used date** is selected, the last used date of the allow entry is updated when the malicious email message is encountered during mail flow. The allow entry is kept for 45 days after the filtering system determines that the email message is clean, and if the email message isn't submitted again.
+       When **45 days after last used date** is selected, the last used date of the allow entry is updated when the malicious email message is encountered during mail flow. The allow entry is kept for 45 days after the filtering system determines that the email message is clean.
 
       - **Allow entry note (optional)**: Enter optional information about why you're allowing this item. For spoofed senders, any value you enter here isn't shown in the allow entry on the **Spoofed senders** tab on the **Tenant Allow/Block Lists** page.
 

includes/allow-entry-facts.md

@@ -16,4 +16,4 @@ search.appverid: met150
 >
 > During mail flow or time of click, if messages containing the entities in the allow entries pass other checks in the filtering stack, the messages are delivered (all filters associated with the allowed entities are skipped). For example, if a message passes [email authentication checks](../defender-office-365/email-authentication-about.md), URL filtering, and file filtering, a message from an allowed sender email address is delivered if it's also from an allowed sender.
 >
-> By default, allow entries for [domains and email addresses](../defender-office-365/submissions-admin.md#report-good-email-to-microsoft), [files](../defender-office-365/submissions-admin.md#report-good-email-attachments-to-microsoft), and [URLs](../defender-office-365/submissions-admin.md#report-good-urls-to-microsoft) are kept for 45 days after the filtering system determines that the entity is clean. if the entity isn't submitted again, the allow entry is automatically removed after 45 days. Or you can set allow entries to expire up to 30 days after you create them. Allow entries for [spoofed senders](../defender-office-365/tenant-allow-block-list-email-spoof-configure.md#create-allow-entries-for-spoofed-senders) never expire.
+> By default, allow entries for [domains and email addresses](../defender-office-365/submissions-admin.md#report-good-email-to-microsoft), [files](../defender-office-365/submissions-admin.md#report-good-email-attachments-to-microsoft), and [URLs](../defender-office-365/submissions-admin.md#report-good-urls-to-microsoft) are kept for 45 days after the filtering system determines that the entity is clean, and then the allow entry is removed. Or you can set allow entries to expire up to 30 days after you create them. Allow entries for [spoofed senders](../defender-office-365/tenant-allow-block-list-email-spoof-configure.md#create-allow-entries-for-spoofed-senders) never expire.