Deprecating support for SmartScreen in Outlook and Exchange


What are we announcing?

  1. On November 1, 2016, Microsoft will stop generating updates for the SmartScreen spam filters in Exchange Server 2016 and earlier (2013, 2010, 2007), Outlook 2016 for Windows and earlier (2013, 2010, 2007) and Outlook 2011 for Mac.
  2. The SmartScreen spam filter will be removed from future versions of Exchange Server and Outlook for Windows. (SmartScreen is not available in any other version of Outlook).
  3. This announcement does not affect the SmartScreen Filter online protection features built into Windows, Microsoft Edge and Internet Explorer browsers. While branded similarly, those features are technically distinct. These SmartScreen Filters help people stay protected from malicious websites and downloads.

What is SmartScreen? What does it provide customers today?

In Exchange and Outlook, SmartScreen is a spam content filter. It evaluates each message and returns an overall Spam Confidence Level (SCL). Items that are rated as spam are sent to Outlook’s Junk folder.

Microsoft provides periodic updates to the filters, and administrators and users can download and install the updates to improve their junk email protection. For more details, see articles describing how this was done for Exchange Server and Microsoft Outlook.

In Windows, Microsoft Edge and Internet Explorer browsers, the SmartScreen Filter online protection feature helps consumers to stay protected from malicious websites and downloads. This feature is not affected and is not the subject of today’s announcement.

Why is Microsoft deprecating support for SmartScreen in Outlook and Exchange?

SmartScreen spam filters in Outlook and Exchange Server have become obsolete and have been replaced by Exchange Online Protection (EOP), a more effective cloud-based email filtering service. EOP is built into all Office 365 and Outlook.com accounts and available for purchase to protect on-premises Microsoft Exchange Server.

This spam filtering technology was first released in 2003, giving Outlook and Exchange a content filter able to identify spam campaigns and direct them to the Junk folder. As spammers have evolved and increased the volume and sophistication of their attacks, this type of spam prevention is no longer a useful way to prevent spam.

For example, spammers now routinely randomize their campaigns and use reputation hijacking from legitimate sending domains to trick content filters. Spam attacks no longer take days and weeks; they often complete or significantly morph within minutes. To be effective, filters should be real-time, always tapping into the intelligence of email campaigns happening within recent minutes or hours.

Further, SmartScreen often conflicts with EOP (or other 3rd-party cloud filtering solutions). This is especially painful when emails declared legitimate by upstream filters or administrator policies (e.g. IP Allow Lists, ETRs) are actually junked by SmartScreen, because SmartScreen is unaware of the upstream settings.

Microsoft developed Exchange Online Protection to protect Office 365 and Outlook.com mailboxes and remove the need for SmartScreen. Most customers using Exchange Server (on-premises) have either added EOP or use a 3rd-party filtering service or appliance to sanitize their mail flow.

What is Exchange Online Protection (EOP)?

Microsoft Exchange Online Protection (EOP) is a cloud-based email filtering service that helps protect end users and organizations against spam and malware, and includes features to safeguard organizations from messaging-policy violations. EOP is backed by a modern spam filtering stack, where content filters have a lesser role and sending IP and domain reputation, authentication, campaign detection, and spammer hosting infrastructure reputation are now responsible for filtering.

For more details, review the EOP documentation on TechNet and this help article on Office 365 email anti-spam protection.

What will happen on November 1, 2016?

Microsoft will stop producing new spam definition updates to the SmartScreen filters in Exchange and Outlook. The existing SmartScreen filter and definitions will be left in place, and continue to provide a basic level of protection. The current definition will continue to junk some obvious spam emails, with an effectiveness that will degrade over time.

As stated above, most users are protected by superior spam filtering arrangements and should not experience any change in their email experience or see an increase in spam.

Again, this change does not affect the SmartScreen Filter online protection feature built into Windows, Microsoft Edge and Internet Explorer browsers.

Will the deprecation of SmartScreen have any impact on users using Outlook with Office 365 or Outlook.com?

No. Customers using Outlook with Office 365 (for work email) or Outlook.com (for personal email) already have the advanced spam and malware protection found in Exchange Online Protection built into those services. These customers don’t need to take any action.

Note: Some Office 365 customers may have replaced EOP with a 3rd-party filtering solution. Those customers will also continue to be protected by those solutions and do not need to take any action.

Will the deprecation of SmartScreen have any impact on users using Outlook with Exchange Server (on-premises)?

Most likely not. Due to the reasons stated earlier, SmartScreen has stopped being a useful tool for combatting spam. The vast majority of customers using Exchange Server have either added Exchange Online Protection or use a 3rd party filtering service or appliance to sanitize their mail flow.

Customers using Exchange Server should ensure they have their spam protection solution properly configured before November 1, 2016. Customers not using a separate antispam solution today can purchase Exchange Online Protection for $1/user/month.

Will the deprecation of SmartScreen have any impact on users using Outlook with Gmail, Yahoo or other online email solutions?

Customers using Gmail, Yahoo or other online email solutions will be protected by the spam and malware protection found in those services.

How does this deprecation impact Outlook’s Junk Email Options?

Outlook’s Junk Email Options stay the same. Since the existing SmartScreen filter and definitions will be left in place, the Options tab will continue to control the SmartScreen protection level. As noted above, those definitions will continue to junk some obvious spam emails, with an effectiveness that will degrade over time.

The other tabs are user driven settings and not related to SmartScreen. They will be unaffected by this change (e.g. items in your Safe/Blocked Senders list will still be filtered per your settings).

Check out this help article for more on how the Junk Email options work.

Will I still have a Junk folder in Outlook?

All customers will continue to have a Junk folder.

For customers using Outlook with their mailbox in Office 365 or Outlook.com, emails landing in the Junk folder will be determined by Exchange Online Protection (or a 3rd-party solution) or by Outlook’s Blocked Senders list.

Customers using Outlook with other email servers or services will benefit from upstream email filtering (such as EOP or 3rd party solutions) in their respective environments. These email providers and filters will send items to Outlook’s junk folder.

Does this affect the SmartScreen technologies in Windows, Edge and Internet Explorer?

As stated earlier in this article, deprecating SmartScreen in Exchange and Outlook does not impact the SmartScreen Filter online protection feature built into Windows, Microsoft Edge and Internet Explorer browsers to protect users from malicious websites and downloads. Those protection tools will remain in place. For more information on how these SmartScreen technologies provide protection, see this link for Windows and this for Edge.

The Exchange Team

Comments (14)

  1. I guess that makes sense, considering how spam campaigns have changed over the years. I remember how well this worked back in 2003.

  2. Asbjørn says:

    So, you’re saying you are making an e-mail program that now has no built-in spam filter. Come on! That is ridiculous. If you’re using POP3 or IMAP, you’re basically screwed now.
    Now, the existing Outlook spam filter isn’t exactly the world’s greatest, but you should improve it, not remove it. How can you think of having e-mail without a spam filter. You are going to have a lot of angry users, I can tell you. And, most likely, you’ll drive them off Microsoft products for good.

  3. If I do a fresh install of Office in December 2016, will I get any SmartScreen definitions?

  4. Mike Crowley says:

    Good decision. In today’s landscape, this feature only added complexity without net benefit. As long as Exchange continues to process SCL headers, this change will likely go unnoticed (a good thing).

    1. Mihai Costea says:

      Indeed the SCL processing with Organizational Headers/Firewall will remain unchanged. This mechanism is critical to cloud providers (including EOP) for placing spam in the junk folder.

  5. Wolfgang says:

    Oh no!

    We just bought 6 servers (2 per datacenter) for Exchange 2016 Edge role and are using a 3rd party AV on it.
    We are a 3000 mailbox financial corp. and never had any problems with Smartscreen.

    I was just using the .\get-AntispamSCLHistogram.ps1 (all above SCL 5 is being rejected) and we heavily rely on the screening and the SCLs. Of course we are using RBLs as well, but still we do see a lot of mails with an SCL above 5….

    To me it looks like that you want all the traffic in the cloud and customers who were using products like Exchange Edge are now screwed. For what reason should I still use Exchange Edge server?

    The product itself without being able to protect against spam is almost useless in my opinion (except the use of RBLs, routing and header firewall). We remember when you discontinued the multi engine anti-virus product (Forefront Protection 2010 for Exchange Server) and moved it to the cloud. Now you are doing something similar with one of the last good features of Edge on premise.

    Also the timing is more than not ideal. Your “German cloud” still doesn’t exist and we don’t know if you’ll even offer EOP in the German cloud.
    We do work in the financial industry and our customers expect us to handle their financial data and conversations directly and not to use EOP with some servers based in countries where we can’t ensure that our customers’ data is safe from being spied on.

    You still advertise Edge as:
    Edge Transport servers handle all inbound and outbound Internet mail flow by providing mail relay and smart host services for your Exchange organization. Agents running on the Edge Transport server provide additional layers of message protection and security. These agents provide protection against viruses and spam and apply transport rules to control mail flow. All of these features work together to help minimize the exposure of your internal Exchange to threats on the Internet. https://technet.microsoft.com/en-us/library/bb124701(v=exchg.160).aspx
    After almost 10 years of being a loyal Exchange Edge user it seems like we now have to look for another solution, e.g. Cisco’s Email Security Appliances.

    Please feel free to contact me and maybe you can let your customers in Germany know if you can offer EOP in the German cloud as well.

    Thank you.

    1. @Wolfgang: Quick note on data center roadmap. As announced today, Azure and Office 365 are now available from two new regions in Europe. This takes the number of regions in Europe (where services are generally available) to four, with two new regions in Germany “coming soon”, as shown on the Azure Regions page.

    2. @Wolfgang: Earlier this week, Microsoft announced the two new regions in Germany – Germany North East and Germany Central, along with a new data trust model for compliance in EU/EFTA. See http://aka.ms/AzureMap, and the following:
      Microsoft Azure Germany Now Available via Innovative First-Of-A-Kind Cloud Model for Europe
      Microsoft Azure Germany
      White Paper-Microsoft Cloud Germany-Compliance in the cloud for organizations in EU/EFTA

  6. Wes Witt says:

    Is it possible to use the new EOP with an Exchange Server 2016 mailbox server? Meaning not an Office365 hosted server. I’m hosting the mail server on my premises. This article seems to indicate that this is possible, but I cannot find any instructions on how to do it.

    1. Yes, EOP can be used as a mail gateway for your on-premises Exchange organization. See Setup your EOP service and Set up connectors to route mail between Office 365 and your own email servers.

  7. James S says:

    Exchange 2010 is still in Extended Support and IMF updates form part of this support – so for MS to renege on their agreement mid-term is an absolute disgrace. Our 3rd party filtering sits on top of IMF and is still *very* accurate and effective – so this move is nothing more than MS squeezing another revenue stream out of customers.

    Would anyone at MS care to explain why making this change *during* the agreed Extended Support lifecycle is acceptable?

  8. Mark Hughes says:

    So you are saying content filtering is obsolete?
    Are you telling me that EOP does not perform any Content analysis? I mean if I send an email full of typical spam keywords you don’t flag that if I have a good reputation? Can someone running EOP test and post back.

    I am pretty sure many will not go for EOP if it doesn’t even perform the most trivial thing i.e. checking what’s in the content.

    1. Content filtering is not obsolete. EOP still does content filtering. See Exchange Online Protection Overview.

      The SmartScreen technology, which initially debuted with Exchange 2003’s Intelligent Message Filter, is being deprecated, so there won’t be any antispam updates for Content Filter. See Understanding Anti-Spam Updates > Content Filter updates. The Content Filter agent will still be active, your keywords etc. will still work, but the efficiency of definition-based filtering will decrease over time in Exchange Server (and in Outlook).

  9. tn says:

    Outlook.com is covered by the new technology. What about Hotmail addresses? All month I’ve seen a large increase in the amount of spam in my Hotmail inbox. How do I combat that?
