How to make sure False Positive Email are not getting blocked by O365 ?

This post is created by my friend and colleague Santosh Poojari. He is working Cloud Partner Services along with me. Santosh is an SME in FOPE. Enjoy the post.

Emails can we blocked by Anti-Spam application for number for reason, to list some reason:

1) Bulk emails

2) If IP address sending the email is in list of bad IP address

3) Blacklisted email address.

and this list can go on, but has an administrator we have to ensure that because of this odd reason we have to ensure our end users receives all genuine email. So how to achieve the same.

Here I would share best practice in Exchange Online Protection to ensure your email is not blocked because of Anti-Spam filters. In Exchange Online Protection Anti-Spam works

1) Connection Filtering: The SPAM filter check for the connecting IP address in allowed or block list. Please find the attached screenshot how to allow IP address in EOP.

a) Login to Exchange Admin Center è Protection Link è Connection Filter è Click on Pencil (Edit Mode)

b) To Allow IP address click on connection filtering è Add the Connecting IP address of the sending domain to the allow list, you can specify individual IP address (format: 202.81.133.26 ) or a range if IP address (format: 202.81.133.0/24)

Connection level of filtering is the best way to prevent genuine email to get blocked in domain level. But in some scenarios we would not go with connection filtering and wanted to white-list using sender domain or white-list using sender email address, same can be achieved using “Transport Rule”

We would talk more about Content filtering and Transport Rule to override the Content and Connection filtering set at domain level.  

https://technet.microsoft.com/en-us/library/jj200718(v=exchg.150).aspx

https://technet.microsoft.com/en-us/library/jj200762(v=exchg.150).aspx