Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Exchange Online Protection and internal email

Posted on 2015-01-20
7
Medium Priority
?
827 Views
Last Modified: 2015-01-23
Hi,

Last month we pointed our Exchange 2010 server to EOP to help reduce spam and virus problems. I set up the Exchange server to use send through EOP as well. I've been tweaking the settings as best as I can, but we are having one big problem. A lot of our internal email is being caught by the Junk Email filter in Outlook, even if we specify our domain as a safe sender. Are there any other settings I can look at whether in EOP or Outlook that could fix this? We have a lot of users missing important emails and reports that are send internally that they don't see until they check their Junk Email folder.

Thanks!
0
Comment
Question by:OrbusLLC
  • 4
  • 3
7 Comments
 
LVL 45

Expert Comment

by:Vasil Michev (MVP)
ID: 40559927
Just add some transport rules to set SCL to -1? You can also add the IPs to the IP allow list under Protection -> Connection filter. Here is an article with more details on both methods: http://technet.microsoft.com/en-us/library/jj200718(v=exchg.150).aspx
0
 

Author Comment

by:OrbusLLC
ID: 40559955
So will this work with internal IP's or do I enter my external IP's? We are in hybrid mode right now. Getting ready to move users into the cloud.

Thanks!
0
 
LVL 45

Accepted Solution

by:
Vasil Michev (MVP) earned 2000 total points
ID: 40560359
For hybrid, mail between the two organizations should be treated as internal, if it doesnt, check this article for some common causes: http://support.microsoft.com/kb/2663556

Creating transport rules with SCL set to -1 should solve any remaining cases. The Connection filter Allow list will accept private IP ranges too, but you should of course add the IP that the EOP servers 'see' (i.e. check headers).
0
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

 

Author Comment

by:OrbusLLC
ID: 40562069
I worked with a tech from Microsoft last night on my hybrid configuration and asked him the question about internal email going to the junk e-mail folder. He said that all internal email is rated with -1 so if it's still going to junk e-mail there must be something Outlook see's. Is there a way to add our domain as a safe sender for all users? I guess it would be in group policy. But would that help? I believe I have a couple users with the address in question as a safe sender, but it still goes to junk email.

Thanks
0
 
LVL 45

Expert Comment

by:Vasil Michev (MVP)
ID: 40562080
Well, check the headers of one of those messages. If SCL is indeed -1, Outlook is to blame. If SCL is different, review the article above to make sure mail is indeed treated as internal.
0
 

Author Comment

by:OrbusLLC
ID: 40562096
Here is the one that went to Junk E-Mail, I don't even see an SCL rating!

Received: from SQLSERVER (192.168.254.8) by mail.company.com
 (192.168.254.118) with Microsoft SMTP Server id 14.3.210.2; Wed, 21 Jan 2015
 07:45:04 -0600
Thread-Topic: This was executed at 1/21/2015 7:45:04 AM
thread-index: AdA1gHXUfQq+9EY4T0qOko1pQz6QjQ==
Reply-To:
From: <admin@company.com>
To: <user@company.com>
CC: <userl@company.com>, <user@company.com>,
      <user@company.com>, <user@company.com>,
      <user@company.com>, <user@company.com>
BCC:
Subject: This was executed at 1/21/2015 7:45:04 AM
Date: Wed, 21 Jan 2015 07:45:04 -0600
Message-ID: <0496B19573FC477792F632E1C096A9AF@company.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
      boundary="----=_NextPart_000_0E78_01D0354E.2B5C39D0"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6001.18645
Return-Path: admin@company.com
X-MS-Exchange-Organization-AuthSource: mail.company.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-Auto-Response-Suppress: DR, OOF, AutoReply
0
 
LVL 45

Expert Comment

by:Vasil Michev (MVP)
ID: 40562145
This is like internal internal one, it doesnt even go to EOP :) Change SQLSERVER to something that at least resemble an FQDN if possible, i think this is what Outlook doesnt like.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today as you open your Outlook, you witness an error message: “Outlook is using an old copy of your Outlook Data File…”. Probably, Outlook is accessing an old OST file.
Exchange database can often fail to mount thereby halting the work of all users connected to it. Finding out why database isn’t mounting is crucial and getting the server back online. Stellar Phoenix Mailbox Exchange Recovery is a champion product t…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month14 days, 19 hours left to enroll

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question