Managing spam notifications with Exchange Online Protection

Tim Tetrick

In March 2013, Microsoft released a brand new version of its email filtering service that was previously known as FOPE (Forefront Online Protection for Exchange) .  The new service is called EOP (Exchange Online Protection) , and it provides spam and malware filtering in the cloud.  EOP is included in all Office 365 for business plans and can also be purchased separately for on-premises email systems. 

We recently announced an update to this service which provides the option for end-user spam notifications and for the ability to configure the notification frequency from 1 to 15 days.  This update starting rolling out last month and is expected to be complete by the end of this month (October, 2013).

Email filtering products are very efficient at catching obvious spam, but a very small percentage of email (approximately 3%) is likely spam but can’t be positively identified.  Customers typically don’t want these email messages delivered to their inbox, but also want a way to review them just in case they are legitimate email.

EOP has two primary ways of dealing with these types of messages.  It can send these messages to the Junk Email folder in Outlook and OWA (Outlook Web App) , or it can send them to a web-based quarantine.

For customers who are used to using Outlook and Exchange, the Junk Email folder is the most common option.  However, some customers prefer to utilize the spam quarantine.  One place we commonly see this is with former Postini customers who are used to having a spam quarantine and want to continue to have one.

EOP has supported spam quarantine since its launch, but the administrator was the only one who could access the messages.  With this current update, EOP can now be configured to allow users to do self-service management of spam-quarantined messages.   And EOP can also be configured for users to receive notification emails with a summary of their messages being held in the quarantine.   These notification emails can be configured to be sent once every 1 to 15 days.

If you choose this option, here is an example of what these end-user spam notification emails look like.  If the user finds a legitimate message they can simply click the link and the message will be released and delivered to their inbox.

To learn more about how to configure and use end-user spam notifications, see these TechNet articles:

• Enable End-User Spam Notifications via Content Filter Policies
• Release a Quarantined Message and Optionally Report it as a False Positive (End Users)

You can also find additional information via this blog post.