What is consider as malicious in the email fromat that we sent?


I have a user who send email with url to more then 100 000 recipients. The 365 ATP Safe Link block its.

I know I can create an exception rule but the real root cause is still there because the other mail servers proctection (others mailfilter) will might block it too. My question is how can I know what is consider as malicious in the email fromat that we sent. Like that I can explain to user to not add this or do that.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vasil Michev (MVP)Commented:
The best thing you can do is check the headers, then compare them against the information in this article: https://docs.microsoft.com/en-us/office365/securitycompliance/anti-spam-message-headers
That, and opening a support case to get this investigated by someone from the EOP team.
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Primary factor is where URL terminates after all redirects resolve.

If the terminating page is flagged for malware or other infraction, then best not to create an exception. If you do, then the sender/IP reputation can be downgraded + your deliverability will then go to zero.

Better to determine exactly why the block was initiated.

This will require having exact information. There's no way to guess at this.

Exact information - either post your entire email message or hire someone to audit your message + all links + link termination.

Not overly difficult to determine exact problem + this process can be time consuming, sometimes.
JohnBusiness Consultant (Owner)Commented:
Graphical Signatures often cause issues. Reduce these to plain, short text.

Many pictures - inline mostly but sometimes attachments are another source of problems.

Too many emails is another issue.

For 100,000 emails, use Constant Contact (or like) as the email sending outfit. They are known to many and their emails do not usually cause issues.
Discover the Answer to Productive IT

Discover app within WatchGuard's Wi-Fi Cloud helps you optimize W-Fi user experience with the most complete set of visibility, troubleshooting, and network health features. Quickly pinpointing network problems will lead to more happy users and most importantly, productive IT.

David Johnson, CD, MVPOwnerCommented:
You also realize that you are limited to 1,000 address limit for sending
Andrew LeniartEE Senior Editor & Independent IT ConsultantCommented:
I have a user who send email with url to more then 100 000 recipients.
That will be a large part of the problem IMO.

I would suggest doing such mailouts using either an online mailout service like Mail Chimp, or if you want to avoid the expense of on-going subscription fees and do it locally, try something like SendBlaster Pro, which I use myself and recently wrote an article about here:


Alternatively, if you just want to know how to lower the spam score on your mailouts, install the Free version of SendBlaster and run your emails through that before sending. It has a built in Spam Score checking facility and gives suggestions on what you can do to lower the chances of your mailouts being seen as spam. More info in the above article I wrote.

I hope that's helpful.

Regards, Andrew

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SAM2009Author Commented:
Thanks to all for your suggestions!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.