A second update to the problem of email forwarding in Office 365

18 months ago, I wrote the following blog post: Why does my email from Facebook, that I forward from my outlook.com account, get rejected. 6 (ish) months ago, I provided an update at An update on the forwarding email problem in Office 365 where I said that we made a change such that Exchange Transport Rules…

How we got to enforce DMARC for sub-domains of Microsoft’s largest consumer email brands

I couldn’t believe it. I had been blind for ages. Why had I not seen it before? The month was August 2017, and none of Microsoft’s largest consumer email brands – msn.com, live.com, hotmail.com, and outlook.com – had DMARC reject records in place. Not one. As a result, we were still seeing lots and lots…

Blocking invalid From: addresses in Office 365

A couple of weeks ago, we made an announcement in Office 365 that we would be implementing stricter checks of the From: address, starting Nov 9, 2017. You can find that at How Office 365 validates the From: address to prevent phishing. I won’t repeat everything in that article as you can click and read…

Showing a question mark ‘?’ in the sender photo when a message is not authenticated

In order to help stop phishing messages, Office 365 and Outlook.com already filter messages using authentication methods including SPF, DKIM, DMARC, and antispoofing. These techniques verify that the sender is who they say they are, and they are used to mark the message either as Junk Email, or deliver it to your Inbox. They sometimes…

Does DMARC need an update to handle branded TLDs? I say yes

Some background: As I’ve said before, one of the things I like about DMARC is how I don’t have to specify a policy for every single domain that I own. To recap what I said in my other post, here’s the DMARC record of microsoft.com (I’ve removed the reporting addresses): microsoft.com | “v=DMARC1; p=reject; pct=100”…

Does SPF need an update so subdomains can inherit the policy of its organizational domain? I say yes

The good thing about DMARC: One of the great things about DMARC is that subdomains can inherit the policy of their organizational domain. For example, here’s the DMARC record of microsoft.com (I’ve removed the reporting addresses): microsoft.com | “v=DMARC1; p=reject; pct=100” There’s no subdomain policy, which means that the following domain which has no DMARC record:…

How we use the Certified Senders Alliance IP reputation list

If you are a subscriber to the good folks at Eco over in Germany, you might have noticed in their regular newsletter that Outlook.com and Office 365 are now a new ISP partner. What does that mean? Over here at Outlook.com and Office 365, we have a complicated relationship with good IP reputation lists. Outlook.com…

Should you warn users when they receive an external message?

I’ve been asked a few times what I think about organizations that add warnings to messages that their users receive when the message is sent to them from outside the organization. That is, some organizations create Exchange Transport Rules (ETRs) when the message is received outside the organization. This might look something like this: This…

Disabling unauthorized forwarding in Outlook.com

Over the past week, I’ve noticed an increase in user escalations asking to disable unauthorized forwarding. That is, they have a setting in their mailbox where their email is being forwarded to another account. Users can resolve this themselves: select Options > Mail > Automatic processing > Inbox and sweep rules. Then, look for any…

An update on the forwarding email problem in Office 365

Update on Nov 3, 2017 – See A second update on the problem of email forwarding in Office 365. Well over a year ago, I wrote the following blog post: Why does my email from Facebook, that I forward from my outlook.com account, get rejected? It’s a very popular blog post, it gets more comments than…

What do we mean when we refer to the ‘sender’ of an email?

There’s a lot of ambiguity about the term “sender” when talking about the sender of an email. What do we mean? The term is overloaded because there are so many possible “senders” of a message. Here are the most commonly used terms and how they show up in various email clients: 1. The From: address in…

How the Outlook.com Spam Fighters program works

Over here in Outlook.com (and Office 365), we hate spam (and phishing, and malware). We’re doing everything we can, every single day, to keep it out of your Inbox. But we know that there are many of you out there as well who hate spam as much as we do, and that’s where the Spam Fighters…

Fixing a problem with “Unsubscribe” in Outlook.com

One of the problems that some of our users have been experiencing in Outlook.com is using the “You can unsubscribe” widget: The widget above shows up when we think the message is bulk, and the message contains a List-Unsubscribe header, and that header contains a mailto. We parse out the mailto and send a message…
