EOP Field Notes

Exchange Online Protection: Notes from the field

EOP Field Notes

  • Best Practices for Finding Executable Content

    This article may be common knowledge for some, but it is important to revisit and refresh outselves on. You may be aware of what content EOP will flag as being executable, or you may not. In either case, I think this is an important topic so sit back...
  • P2 Headers Now Respected for End User Safe and Blocked Senders Lists

    Exchange Online Protection will now evaluate both the P1 and P2 headers in a message against an end users safe and blocked senders list. I know, I’m super excited too! Previously only the P1 header of a message was compared to these lists. Not only...
  • Best Practice: Don’t Daisy Chain Filtering Services

    Daisy chaining filtering services is something I often see as a temporary configuration when a customer is transitioning from a previous solution to Exchange Online Protection. I also see this when customers are testing EOP and don’t want to take...
  • Inbound Connector Configuration You’ll Want to Avoid

    I recently worked with a customer who had a configuration in their EOP outbound connector that broke inbound mail for a newly added domain. I want to share this tale in hopes that you not only learn more about EOP partner connectors, but that you decrease...
  • Behavior Change When Setting the SCL with a Transport Rule

    With my coffee currently in one hand, it would be very useful if I could type with only my other hand. Alas I cannot, so I’ll be typing this article with both hands while my coffee waits for me. With none of this at all being relevant to this blog...
  • Special Case, Set SCL to 0

    Update (August 28, 2014) - Setting the SCL with a transport rule to anything from 0 to 4 will cause the behavior that is described in this article. This is a scenario I’ve wanted to write about for some time now as it isn’t very intuitive...
  • Importing Safe and Block Lists with PowerShell

    I just dropped my van off for some maintenance at the dealership and am currently waiting for a shuttle to take me to the office. As I sit here I’m thinking about EOP and PowerShell and have come up with a great idea for this week’s article...
  • One MX to Rule Them All

    Before I start I would like to call out that I think this is the best blog title that I have come up with to date. Surprisingly, or maybe not, I thought of this title and article while I was playing Ultimate Frisbee. My mind was obviously not in the game...
  • Is X-Microsoft-Antispam a New EOP Header

    Yes, yes it is, and I’m glad you noticed! X-Microsoft-Antispam is quite new and only started showing up in messages passing through EOP a few months ago. This new header currently contains two published values to help with bulk mail and phishing...
  • Quarantine and PowerShell

    The EOP online quarantine is a wonderful feature that can be easily managed through the Office 365 Portal. However, if you are looking for more functionality and flexibility with quarantine management, you’ll need to turn to PowerShell. Before...
  • Verifying ESN Delivery

    So, you have decided to use the Exchange Online Protection (EOP) quarantine and have enabled End user Spam Notifications (ESN). Great choice! Now, after a couple of days have passed, you are wondering if everything is working as it should. How can you...
  • Advanced Spam Filtering and X-CustomSpam

    When a legitimate message is marked as spam, the first question usually asked is “why?” It can sometimes, but not always, be quite difficult to find the explanation. If an enabled Advanced Spam Filter (ASF) option has caused the spam detection...
  • On-Premises Delivery Failover

    Organizations with on-premises mail environments often will have a primary site and at least one backup site. When Exchange Online Protection is being used to protect those on-premises mail environments, the ideal configuration would have EOP only delivering...
  • The Resolver

    While “The Resolver” would be a great nickname for a councillor, that’s not quite what we are talking about here. When processing inbound messages, Exchange Online (not EOP Stand Alone) will always resolve the recipient to the primary...
  • Office 365 for Business Public Road Map & First Release Program

    Yesterday we released details on two very exciting items, the Office 365 for business public roadmap and the First Release Program . On a personal side, I am very excited about both of these items because first, I’m a big advocate of transparency...
  • Outbound Connector Smart Host Behavior

    If you have an on-premises mail environment that you are protecting with Exchange Online Protection (EOP) then you’ll need to create some connectors in the cloud. This article is going to focus on EOP Outbound Connectors and how they deliver mail...
  • Prevent DLs From Receiving ESNs

    I’m often asked how to prevent an End user Spam Notification (abbreviated as ESN from this point on) from being sent to a distribution list (abbreviated as DL from this point on). Before getting to the answer, let’s start off with some background...
  • Great Sessions from TechEd North America 2014

    Last month I attended TechEd North America 2014 in Houston Texas. In addition to attending some incredible sessions, I also presented one on Exchange Online Protection. This article contains a summary of the sessions I found to be interesting and valuable...
  • TLS, Connectors, and You

    Update (September 3, 2014) I was recently involved in a case where a customer needed more information about the certificate that EOP presents. Being the nice guy that I am, I wanted to share it here! As mentioned in this article, the CN of the certificate...
  • Inaugural post

    In my current role I work with customers who are implementing Exchange Online Protection. From working on the ground floor I have come to realise that there are a lot of intricacies with the product that can often only be discovered with experience. Our...