When creating support tickets about spam, be sure to include message headers

When users get spam and phishing messages in the inbox, we ask users to submit them back to us, using the instructions here: Submit spam, non-spam, and phishing scam messages to Microsoft for analysis. I explain why this is important in Why does spam and phishing get through Office 365? And what can be done…

0

How to securely add a sender to an allow list in Office 365

Background We sometimes see users creating allow rules, either through Exchange Transport Rules (ETRs), or Domain Allows, or Safe Senders, when they want to receive email from senders. However, they frequently do this insecurely; spammers then spoof the sending domain (or even the full email address) which skips all spam filtering and the message lands…

0

A short intro to how the Phishing Confidence Level (PCL) works

This is a rough description of how the Phishing Confidence Level (PCL) works in Office 365. Way back in the olden days – 2007 or so – Exchange server used to have its own spam filter, Smartscreen. This was more-or-less the same spam filter running in Outlook.com. But whereas Smartscreen in Outlook.com (then known as…

1

Does SPF need an update to handle non-existent includes? I say yes.

Over the past month, my team and I have been going over logs in our system, looking for SPF PermErrors and trying to figure out how many we had, and the root cause of them. As it turns out, there are lots of things that cause a permanent SPF failure. The most common examples are…

3

A second update to the problem of email forwarding in Office 365

18 months ago, I wrote the following blog post: Why does my email from Facebook, that I forward from my outlook.com account, get rejected. 6 (ish) months ago, I provided an update at An update on the forwarding email problem in Office 365 where I said that we made a change such that Exchange Transport Rules…

4