Solved

Exchange Online Protection and internal email

Posted on 2015-01-20
7
313 Views
Last Modified: 2015-01-23
Hi,

Last month we pointed our Exchange 2010 server to EOP to help reduce spam and virus problems. I set up the Exchange server to use send through EOP as well. I've been tweaking the settings as best as I can, but we are having one big problem. A lot of our internal email is being caught by the Junk Email filter in Outlook, even if we specify our domain as a safe sender. Are there any other settings I can look at whether in EOP or Outlook that could fix this? We have a lot of users missing important emails and reports that are send internally that they don't see until they check their Junk Email folder.

Thanks!
0
Comment
Question by:OrbusLLC
  • 4
  • 3
7 Comments
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 40559927
Just add some transport rules to set SCL to -1? You can also add the IPs to the IP allow list under Protection -> Connection filter. Here is an article with more details on both methods: http://technet.microsoft.com/en-us/library/jj200718(v=exchg.150).aspx
0
 

Author Comment

by:OrbusLLC
ID: 40559955
So will this work with internal IP's or do I enter my external IP's? We are in hybrid mode right now. Getting ready to move users into the cloud.

Thanks!
0
 
LVL 40

Accepted Solution

by:
Vasil Michev (MVP) earned 500 total points
ID: 40560359
For hybrid, mail between the two organizations should be treated as internal, if it doesnt, check this article for some common causes: http://support.microsoft.com/kb/2663556

Creating transport rules with SCL set to -1 should solve any remaining cases. The Connection filter Allow list will accept private IP ranges too, but you should of course add the IP that the EOP servers 'see' (i.e. check headers).
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:OrbusLLC
ID: 40562069
I worked with a tech from Microsoft last night on my hybrid configuration and asked him the question about internal email going to the junk e-mail folder. He said that all internal email is rated with -1 so if it's still going to junk e-mail there must be something Outlook see's. Is there a way to add our domain as a safe sender for all users? I guess it would be in group policy. But would that help? I believe I have a couple users with the address in question as a safe sender, but it still goes to junk email.

Thanks
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 40562080
Well, check the headers of one of those messages. If SCL is indeed -1, Outlook is to blame. If SCL is different, review the article above to make sure mail is indeed treated as internal.
0
 

Author Comment

by:OrbusLLC
ID: 40562096
Here is the one that went to Junk E-Mail, I don't even see an SCL rating!

Received: from SQLSERVER (192.168.254.8) by mail.company.com
 (192.168.254.118) with Microsoft SMTP Server id 14.3.210.2; Wed, 21 Jan 2015
 07:45:04 -0600
Thread-Topic: This was executed at 1/21/2015 7:45:04 AM
thread-index: AdA1gHXUfQq+9EY4T0qOko1pQz6QjQ==
Reply-To:
From: <admin@company.com>
To: <user@company.com>
CC: <userl@company.com>, <user@company.com>,
      <user@company.com>, <user@company.com>,
      <user@company.com>, <user@company.com>
BCC:
Subject: This was executed at 1/21/2015 7:45:04 AM
Date: Wed, 21 Jan 2015 07:45:04 -0600
Message-ID: <0496B19573FC477792F632E1C096A9AF@company.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
      boundary="----=_NextPart_000_0E78_01D0354E.2B5C39D0"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6001.18645
Return-Path: admin@company.com
X-MS-Exchange-Organization-AuthSource: mail.company.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-Auto-Response-Suppress: DR, OOF, AutoReply
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 40562145
This is like internal internal one, it doesnt even go to EOP :) Change SQLSERVER to something that at least resemble an FQDN if possible, i think this is what Outlook doesnt like.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Adoption of Microsoft’s Enterprise Mobility and Security solution and Office 365 will re-order the File Sync and Share market Microsoft has stated that its Enterprise Mobility + Security (EMS) is the fastest growing product in the history of the …
This Experts Exchange lesson shows how to use VBA to loop through rows in Excel.  In order to sort, filter, and use database features, there needs to be a value in each column for every row. When data arrives with values missing, code to copy values…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question