Link to home
Start Free TrialLog in
Avatar of jwcchelpdesk
jwcchelpdesk

asked on

Office 365: Exchange Online Protection vs. Transport Rules

I have noticed that the Content Filter portion of Exchange Online Protection takes precedence over transport rules.  This results in the quarantining of several legitimate messages despite the creation of transport rules that should allow delivery.

I will use basecamp.com as an example.  Almost daily, I have to release several legitimate messages from basecamp.com.  Message traces show that the messages are being quarantined before transport rules are applied.  I have repeatedly reported false positives to Microsoft, but the problem persists.

I've tried using the content filter to add a header instead of delivering the message to hosted quarantine.  I figured that just adding a header would allow messages to pass through the content filter and then be processed by transport rules, but the messages were just being delivered to the recipients with my header inserted.

Custom content filters only allow me to create exceptions that are based on the recipient; I don't see a way to create an exception that is based on the sender.

Has anyone else experienced this issue and been able to address it?
ASKER CERTIFIED SOLUTION
Avatar of Vasil Michev (MVP)
Vasil Michev (MVP)
Flag of Bulgaria image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jwcchelpdesk
jwcchelpdesk

ASKER

Thank you.  I have decided to filter by IP address as much as possible.  I haven't responded because I wanted to make sure that the filtering was working properly.

I was not sure that I wanted to start filtering by IP address because I didn't know how I could ensure that the address ranges would stay current.  The Hurricane Electric BGP Toolkit (http://bgp.he.net/) has helped significantly.  In the case of Basecamp, its records were more complete than what basecamp.com lists.