Understanding outbound spam controls in Office 365

As a Program Manager of Antispam in Office 365, one of the questions I am frequently asked is “How many messages outbound are we permitted to send per minute? Per hour? Per day?” When I use the term “Office 365” I mean both our existing Forefront Online Protection for Exchange (FOPE) service, and our newer…

4

Spammers ruining it for everyone

Last week we had an incident with our outbound reputation that caused delivery issues to various US government agencies who don’t use our service.  One of our customers did something inadvertently that caused our outbound IP reputation to degrade with some 3rd party reputation lists and as a result these government agencies wouldn’t accept our…

2

Are compromised accounts getting better or worse?

I decided to take a look at the total amount of outbound spam incidents that we have discovered over the past year.  We have multiple layers of incidents: We have thresholds for the amount of mail users can send where the content is marked as spam. We have thresholds for the amount of mail some…

0

The flip side of outbound spam control

Over the past few years, I have written numerous blog posts about controlling outbound spam.  Here’s a summary of what we do: We look for mailers who send high volumes of mail that are marked as spam. We look for mailers who send sudden bursts of traffic. We do not permit outbound commercial bulk mailing….

0

Handling the problem of outbound bulk mail

When it comes to email, I am our customers’ best friend.  I really am.  I’m the good guy that is always defending the user experience.  But even I have my breaking point. Over the years, we have put in a ton of outbound spam mitigations from delivering the spam out a different pool (and monitoring…

1

What I’m working on now

It’s been crazy busy around here the past few days dealing with a ton of stuff, not the least of which is related to outbound spam. We’ve actually got a good handle on outbound spam, or at least we did.  Currently, we are dealing with two issues: One of the service offerings that Microsoft has…

0

Our latest outbound spam mitigation technique

One of the things that has kept me busy the past few weeks (read: months) is outbound spam – again!  No matter how many mitigations we put in place, it’s never enough. The current challenge that we are dealing with is compromised accounts.  Most of the time, but not always, this happens with educational institutions. …

1

Not a great week for outbound spam

It hasn’t been a great week this week (March 1-5) for some of our customers who use us for outbound mail relay.  I’m not going to name names because there have been a wide variety of users, but every single day this week we have had one or two organizations that have been sending abusive…

0

Into the wild, wild west

Remember way back, in summer of 1999, when Will Smith and Kevin Kline starred in the movie Wild, Wild West?  If you don’t remember, that’s fine, because the movie really sucked.  According to the Wikipedia entry, Will Smith turned down the role of Neo in The Matrix in order to star in this one.  Ordinarily,…

0

Best practices for sending outbound mail

One of the questions that I am frequently asked is if we get a sudden burst of outbound mail from a customer using us to send outbound, will we throttle their mail?  Throttling is the process of slowing down outbound mail such that a sending organization can only send a certain amount of messages in…

0

How to reclaim your sender reputation, part 10 – Results

Results Forefront Online (ie, us) has come a long way in reclaiming its outbound reputation. The question now is this – has it worked? I will report on some anecdotal evidence. The Good To determine whether or not we have gotten better, I prefer to check 3rd party sources. While we may think that we…

0

How to reclaim your sender reputation, part 9 – disabling offenders

Continuing on in my 9 part series, the process of mitigating an outbound spam problem occurs in a two-fold manner. Usually they are mutually exclusive, but one can lead to the other. Cutting off mail only for the offending email address This is the default position. If only one email address is responsible for sending…

0

How to reclaim your sender reputation, part 8 – More pattern analysis

Islands Islands are named that way because their appearance looks like an island – a time zone infraction in which the middle sticks out above the others. Another term for this pattern is the head-and-shoulders pattern. Islands are the most ambiguous scenarios because while they indicate that a problem existed in the past, it is…

0

How to reclaim your sender reputation, part 7 – Pattern analysis

Mountains A mountain pattern is when each subsequent monitoring of an outbound spam problem is worse than the previous time. It looks like you are climbing a mountain. Once a threshold is crossed, an alert is generated. Mountains generate the most obvious tells that a problem is occurring. If the amount of outbound spam keeps…

0

How to reclaim your sender reputation, part 6 – Noise reduction

Pattern Detection and Noise Reduction The amount of noise inherent in outbound spam detection is high. End users will routinely mark messages as spam that aren’t actually spam. An example of this would be company billing reports; these are not spam but lots of people mark them like that. How do you know when you…

0