Keep headers intact when forwarding a message

In my line of work, I am constantly requesting message samples from organizations so that I can analyze the headers. Whether an end user has received a message that they believe should have been marked as spam, or they receive a message that was marked as spam that should not have been, step one of…

3

Troubleshoot a broken junk mail folder

I recently worked on a very interesting case that I wanted to share. This organization had set EOP to deliver all spam messages to end users junk mail folder. This worked great for most users, but a small number experienced EOP delivering spam messages directly to their inbox, as if they weren’t being scanned at…

4

Determine where a message leaves an Office 365 tenant

When troubleshooting mail flow it is often important to determine where a message is handed off from a partner to your Office 365 tenant, or from your Office 365 tenant to a partner. This is easy to see in a message header, just look for the receiving host with the domain mail.protection.outlook.com, as this will…

2

An Early Gift, EOP Bulk Mail Detection – The Easy Way

This past summer we added new bulk detection capabilities to Exchange Online Protection. At the time, if you wanted to take advantage of these new capabilities you had to add an EOP transport rule to detect the BCL (bulk complain level) that EOP stamped on incoming messages. This new capability worked wonderfully, but the problem…

4

Easily tell which transport rules a message triggered

Hello fellow traveller, come sit with me by the fire, there is plenty of room. You look to be weak from your travels, I have plenty of rations that I will gladly share with you. I have many stories from my own travels that I would love to share. Wait…, you want to know about…

10

P2 Headers Now Respected for End User Safe and Blocked Senders Lists

Exchange Online Protection will now evaluate both the P1 and P2 headers in a message against an end users safe and blocked senders list. I know, I’m super excited too! Previously only the P1 header of a message was compared to these lists. Not only does this make blocking or safe listing within Outlook or…

3

Is X-Microsoft-Antispam a New EOP Header

Yes, yes it is, and I’m glad you noticed! X-Microsoft-Antispam is quite new and only started showing up in messages passing through EOP a few months ago. This new header currently contains two published values to help with bulk mail and phishing detection. BCL – Bulk Complaint Level PCL – Phishing Confidence Level The beauty…

7