Skip to main content

Users are receiving Spam mails



Ø  Share few spam emails along with email headers for analysis.
Ø  To get email headers of the spam emails, you may use below steps:
>>Double click the email for which email headers needs to be extracted.
>> Go to file menu ->Properties.
>> Copy the content under Internet headers and paste in notepad.
Ø  If emails are from shopping sites or related to it, create below transport rule to block these emails:
>> Go to O365 ->Exchange ->Mail flow ->Rules
>> Create a new rule by clicking on ‘+’ sign
>> Click on “More options”.
>> Add the condition as “The subject or body..” and choose “subject or body matches these text patterns”.
>>Add below patterns in dialog box and click on + with each added pattern.
1.       If you are unable to view the content of this email\, please
2.       \>(safe )?unsubscribe( here)?\</a\>
3.       If you do not wish to receive further communications like this\, please
4.       \<img height\="?1"? width\="?1"? src\=.?http\://
5.       If you would prefer not to receive e\-?mails from
6.       To stop receiving these\s+emails\:http\://
7.       To unsubscribe from \w+ (e\-?letter|e?-?mail|newsletter)
8.       no longer (wish )?(to )?(be sent|receive) \w+ email
9.       If you are unable to view the content of this email\, please click here
10.    To ensure you receive (your daily deals|our e-?mails)\, add
11.    If you no longer wish to receive these emails
12.    to change your (subscription preferences|preferences or unsubscribe)
13.    click (here to|the) unsubscribe
>> Add the action as either “Block the message..” or “Redirect the message to hosted Quarantine”.
>> Click on “Stop processing more rules” and save it.
Note: The above list isn’t an exhaustive set of regular expressions found in bulk emails; more can be added or removed as needed. However, it’s a good starting point
Ø  If emails are coming from specific sender or domain, below rule would help:
>>Create a new rule by clicking on ‘+’ sign
>> Click on “More options”.
>> Add the condition as “The sender domain is” or “The sender is this person”
>>Add the domain name or email address.
>>Add the action as either “Block the message..” or “Redirect the message to hosted Quarantine”.
>> Click on “Stop processing more rules” and save it.
Ø  If you are unable to create Transport rule, you may block user’s or domain in you OWA settings using below steps:
>>Go to OWA ->Gear button ->Options
>>Go to Block or Allow.
>>Add the email address or domain in Block senders and save it.

I would request you to download "Microsoft Junk E-mail Reporting Add-in" through below link and report the Spam emails.

I request you to please report Junk emails to Microsoft through Outlook. You could also refer to below link for more information on reporting Junk emails to Microsoft.

I am providing you with below links related EOP which might interest you:
Different anti-spam policies in Exchange Online: http://technet.microsoft.com/en-us/library/jj200687(v=exchg.150).aspx


Comments

  1. Jack Leach17 February 2020 at 17:07

    It was a nice article. Thank you for your valuable information. visit us if you have further queries regarding on Email Spam Blocker For Android

    ReplyDelete

Post a Comment

Popular posts from this blog

Error - QuarantinedAttributeValueMustBeUnique

Case History. 1. Client already had users created in office 365 2. Client wanted to setup SSO for office 365 users Approach for requirement fullfilment   1. Deployed and configured Azure AD connect      95% users were synced and soft match was successfully done  5% users were getting error - QuarantinedAttributeValueMustBeUnique  (to view the sync issues -  https://aad.portal.azure.com/#blade/Microsoft_Azure_ADHybridHealth/AadHealthMenuBlade/SyncErros )  When we checked 2 users were found under Active users  1. one in Cloud (this was created earlier/ already existed ) with active licenses and Mailbox 2. one unlicensed synced with AD Solution - 1. Delete the unwanted user in Azure or AD as per this document.  https://blogs.msdn.microsoft.com/hkong/2017/03/23/how-to-fix-attributevaluemustbeunique-error-message-when-trying-to-sync-an-object-from-on-premises-active-directory-to-office-365/ ...
Post a Comment
Read more

Error - AttributeValueMustBeUnique in Azure AD connect sync

My customer had already created accounts in office 365 and managing them in Azure, however due to some changes in business they wanted to sync AD with Azure to sync Password and Manage Identity form AD. Solution - Deploy Azure AD connect on ADDC, and post that it will do a Soft Match. However there were error with some users, their identities did not sync and their status still reflected as Azure AD. Error -  Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:user@domain.com;].  Correct or remove the duplicate values in your local directory.  Please refer to http://support.microsoft.com/kb/2647098 for more information on identifying objects with duplicate attribute values. Tracking Id: b8367c95-ae67-46e1-xxxx-xxxxxxxxxx ExtraErrorDetails: [{"Key":"ObjectId","Value":["cd088468-bb6a-4...
4 comments
Read more

Block users from saving data on System Drive on Intune Managed Device

Recently i delivered a project for Intune Deployment and came up with a requirement as follows End Users Should not be able to save data locally on C or D Drive, instead they should be allowed to save data only in One Drive for business (synced with System)  Based on the requirement i did my research and found the Following. its possible to control the Local System settings on a Azure AD joined Machine and Managed by Intune. There is no options to define exceptions in policies to allow data saving in certain folders.  Now most of us will think WIP (windows information protection) policy will help us protecting the data on device, however that's not completely true as . User can change the File Ownership to personal if the WIP policy is set to Allow Override. User can save the file locally on the system User will not be able to copy the data from work file to Personal file if policy is set to Allow override. Unenlightened apps cannot differentiate between personal and corporate...
Post a Comment
Read more