Thursday, January 11, 2018

Prevent email from being marked as spam in EOP and Office 365

Prevent email from being marked as spam in EOP and Office 365

Exchange Online or Exchange Online Protection (EOP) administrators with the appropriate access credentials can use these steps to help ensure that an email message traveling through the service isn't marked as spam.

It can be frustrating to have legitimate, good email quarantined or blocked as spam and landing in a quarantine folder. You can use a safe sender list or a mail flow rule to bypass spam filtering and prevent good email messages from getting marked as junk mail. When a message is incorrectly marked as spam by the spam filter, it's called a false positive. The Office 365 spam filter also provides some options that end users can customize in order to help prevent false positives.

If you're looking for help with false negative mail, that is, a spam message that gets through when it shouldn't, check out the tips in Block email spam with the Office 365 spam filter to prevent false negative issues.

EOP-only customers: use directory synchronization

EOP is a cloud-based email filtering service that helps protect your organization against spam and malware. If you have mailboxes in Office 365, they are automatically protected by EOP since it is part of the service.

If you're an EOP-only customer, that is, you subscribe to the EOP service for use with your on-premises Exchange Server, you should sync user settings with the service by using directory synchronization. Doing this ensures that your safe senders lists are respected by EOP. For more information, see "Use directory synchronization to manage mail users" in Manage Mail Users in EOP.

Prevent false positive email by using the connection filter's IP allow list

If you find that a sender's email is always moved to the Junk folders in your organization, you can add the email sender's IP address to your connection filter's IP allow list. Normally, this prevents false positive responses for this sender for all recipients within your organization. The exception is when a user enables the option "Safe Lists Only: Only mail from people or domains on your Safe Senders list or Safe Recipients List will be delivered to your Inbox" in Outlook and does not add that sender to the Safe Sender List. For information on overriding that option, see Troubleshooting: A message ends up in the Junk folder even though EOP marked the message as non-spam.

To add an IP address to your connection filter's IP allow list

  1. Obtain the header from a message sent by the sender that you want to allow. You can do this from your mail client such as Outlook or Outlook on the Web, as described in Message Header Analyzer.

  2. Manually search for the IP address following the CIP tag in the X-Forefront-Antispam-Report header or by using the Message Analyzer tab of the Remote Connectivity Analyzer.

  3. Add the IP address to the IP allow list by following the steps in "Use the EAC to edit the default connection filter policy" in Configure the connection filter policy.

Prevent false positive email by configuring spam filter policies

You can add domains or individual email addresses to an allow list by following the steps in Configure your spam filter policies.

Review your advanced spam filter policies

If you have special restrictions set up in a spam filter policy, for example, if you have blocked an entire domain, you should review them to check if they may be causing false positives. See Configure your spam filter policies, and turn off additional Advanced spam filtering options that might cause messages to be marked as spam.

Help your end users create a safe sender list to prevent good email from being marked as spam

Tell your users to add addresses from senders that they trust to their safe sender list in Outlook or Outlook on the Web. To get started in Outlook on the Web, choose Settings ConfigureAPowerBIAnalysisServicesConnector_settingsIcon > Options > Block or allow. The following diagram shows an example of adding something to a safe sender list.

Adding a safe sender in Outlook Web App

EOP will honor your users' Safe Senders and Recipients, but not Safe Domains. This is true regardless of whether the domain is added through the Outlook on the Web, or added in Outlook and synchronized using Directory Sync.

Troubleshooting: A message ends up in the Junk folder even though EOP marked the message as non-spam

If your users have the option in Outlook enabled for "Safe Lists Only: Only mail from people or domains on your Safe Senders list or Safe Recipients List will be delivered to your Inbox", then all email will go to the junk folder for a sender unless the sender is on the recipient's Safe Sender list. This will happen regardless of whether EOP marks a message as non-spam, or if you have set up a rule in EOP to mark a message as non-spam.

You can disable the Safe Lists Only option for your Outlook users by following the instructions in Outlook: Policy setting to disable the Junk E-mail UI and filtering mechanism.

If you view the message in Outlook on the Web, there will be a yellow safety tip that indicates that the message is in the Junk folder because the sender is not on the recipient's Safe Senders list.

If you look at the header of a message, it may include the stamp SFV:SKN (IP Allow or ETR Allow) or SFV:NSPM (non-spam), but the message is still placed in the user's junk folder. There is nothing in the message header that indicates that the user has "Safe Lists Only" enabled. This happens because the "Safe Lists Only" option set by users in Outlook overrides the EOP setting.

To verify why a message from a safe sender is marked as non-spam in the message header, but still ends up in the user's Junk folder

  1. To learn how to connect to Exchange Online PowerShell, see Connect to Exchange Online PowerShell.

  2. Run the following command to view the user's junk email configuration settings:

    Get-MailboxJunkEmailConfiguration example@contoso.com | fl TrustedListsOnly,ContactsTrusted,TrustedSendersAndDomains

    If TrustedListsOnly is set to True, it means that this setting is enabled. If ContactsTrusted is set to True, it means that the user trusts both Contacts and Safe Senders. The TrustedSendersAndDomains lists the contents of the user's Safe Senders list.

The short icon for LinkedIn Learning. New to Office 365?
Discover free video courses for Office 365 admins and IT pros, brought to you by LinkedIn Learning.

Still need help?

Get help from the Office 365 community forums Admins: Sign in and create a service request Admins: Call Support

See Also

Overview of the Junk Email Filter

Block or allow (junk email settings)

Block email spam with the Office 365 spam filter to prevent false negative issues

2 comments:

  1. Microsoft Office Tutorials: Prevent Email From Being Marked As Spam In Eop And Office 365 >>>>> Download Now

    >>>>> Download Full

    Microsoft Office Tutorials: Prevent Email From Being Marked As Spam In Eop And Office 365 >>>>> Download LINK

    >>>>> Download Now

    Microsoft Office Tutorials: Prevent Email From Being Marked As Spam In Eop And Office 365 >>>>> Download Full

    >>>>> Download LINK Zl

    ReplyDelete
  2. e-mail protection

    Spixnet bietet sichere, verschlüsselte und vertrauliche E-Mails aus switzerland. Der streng vertrauliche E-Mail Dienst schütz, ist sicher und voll verschlüsselt.


    To Get More Information - Spixnet.at

    ReplyDelete