Office 365 Spam Filtering

Hello Everyone,

I am asking this question just to make sure that all bases are covered.

I have a client who has been in regular communication with a customer via email. One or two emails (out of dozens) haven't arrived. We look in the message tracking logs, do a variety of searches, and these emails do not appear in any log. Nothing in Quarantine, Junk Folder, anything.

If a message was received by the O365 servers and was blocked for any reason, shouldn't that show up in the log detailing why?
Is there some kind of 'perimeter' filter that may have blocked a message prior to it getting to a place where it shows up in my clients O365 logs?

The customer received no NDR, and when they resent (i.e. forwarded from their Sent Items) it did appear at my client.

The customer is at home and uses the email address supplied by her (big) ISP. Troubleshooting on that end is limited.

There isn't an issue with attachment size (one email had attachments, the other did not). The only thing that was a bit off was that it was a long email chain of a lot of replies back and forth. And, if it matters, there was some (very slight) language in the email.

Am I missing something here I don't know about O365?
tnormanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vasil Michev (MVP)Commented:
Yes, there is a perimeter filtering, but that should only block the most obvious spam messages and malware. Everything else should be visible in the message trace (well up to a certain date).

The other possibility is that the email never reached O365 servers. It's best if you ask the sending party to perform a trace on their end, if possible.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Adam BrownSr Solutions ArchitectCommented:
It's possible the message was initially flagged by the malware filter. Messages that get dropped by that are usually killed before they hit any logs.
0
Greg BessoIT Solutions EngineerCommented:
One way we ensure users can receive incoming email from known trusted senders when using Exchange Online Protection is to run a pair of Exchange PowerShell commands. The update then replicates up to Office 365 Azure AD and that mailbox will not block emails from these senders. It's really been working well. In case you may want to try, here is the snippet...

Get-Mailbox -Identity "receiver@yourDomain.com" | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains @{Add="sender@theirDomain.com"}

Open in new window


Also you can just put a theirDomain.com to blanket allow that company. Also we wrap this in a PowerShell GUI application to make it really easy to mass-manage this for many users or groups within the company, as that type of issue comes up pretty frequently.
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

tnormanAuthor Commented:
Is there any way to view what was filtered by the perimeter filter or the malware filter?
0
Vasil Michev (MVP)Commented:
No, only some raw numbers for the amount of blocked mail. Best ask for a trace on sender's side IMO.
0
tnormanAuthor Commented:
Thanks everyone for their input, and Whoajack for the note about allowing emails.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Office 365

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.