Office 365 message filtering (and a horrible little bug that leaves email addresses exposed…)

This content is 14 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

One of my concerns with my recent switch from Google Apps Mail to Microsoft Office 365 was about spam email. You see, I get none.  Well, when I say I get none, I get plenty but it’s all trapped for me. With no effort on my part. Only a handful of missed spam messages in the last 2 or 3 years and almost as few false positives too.

I’ve had the same email address for about 12 years now (I think), and it’s been used all over the web. Some of my friends are more particular though – and, perhaps understandably, were annoyed when I accidentally emailed around 40 people with e-mail addresses visible in the To: field today. Except that I hadn’t intended to.

I think I’ve found a bug in Office 365’s Outlook Web App (at least, I hope it’s not closed as “by design”, assuming I find out how to file a bug report). If I send to a distribution group, it automatically expands the addresses and displays them to all recipients. That’s bad.

The annoying thing is that, previously, I had been BCCing the recipients. I have a feeling that at least one organisation was rejecting my mail because there was nothing in the To: field (although it didn’t like Google’s propensity to send mail from one domain “on behalf of” another address either), so I thought I’d use a list instead and the recipients would see the list name, rather than the actual email addresses. Thankfully it was only sent to my closest freinds and family (although that’s not really the point).

So, back to spam and Office 365 – does it live up to my previous experience with Google Apps Mail? Actually, yes I think it does. I’ve had to teach it a couple of safe senders and block a couple of others, but it really was just a handful and it’s settled down nicely.

All of Microsoft’s cloud-based e-mail services use Forefront Online Protection for Exchange. Enterprise administrators have some additional functionality (adapting SCL thresholds, etc.) but things seem to be working pretty well on my small business account too. Digging around in the various servers that the mail passes through sees hosts at bigfish.com and frontbridge.com – Frontbridge was an aquisition that has become part of Exchange Hosted Services (and it started out as Bigfish Communications) – so the technology is established, and another Microsoft property (Hotmail) is a pretty good test bed to find and filter the world’s spam.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.