Share via

Exchange Online Non-Spam Emails Going Directly to Quarantine

Michael Adams 366 Reputation points
2021-04-09T22:13:49.28+00:00

I have emails from one customer where every email received by my Exchange Online (Office 365) account are going to Quarantine. I have other emails from other domains that are not spam also going to Quarantine, too. I had my customer send me an email saying "This is a test", and it was Quarantined. In addition, my customer's domain is not only any spam list. Something is horrible broken on Exchange Online. I can't add every domain to an allow list and I can't predict which domains I will receive emails from. Nor can my customer's go ask every company they email to contact their IT department ahead of time to put the domain on an Allow List. In other words, Microsoft's spam filtering is a business killer. I can pinpoint when this started to the day, March 27th.

So the questions are:

1) What happened to the spam filtering on March 27th where it is now 100% inaccurate?
2) How does a company get their domain off Microsoft's inaccurate spam block list?

Exchange Online
Exchange Online
A Microsoft email and calendaring hosted service.
6,195 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andy David - MVP 157.8K Reputation points
    2021-04-09T22:24:00.81+00:00

    Usually messages are categorized as junk or phish if they fail to pass to necessary auth tests.
    If an org was on a block list, the message would be rejected, not simply quarantined.

    So for the customer that set you a test message,

    Can you post the headers of the message with the personal information removed?

    Look up their domain here:

    https://mxtoolbox.com/

    What does it show for DMARC?

    How about for SPF?
    https://mxtoolbox.com/spf.aspx

    0 comments
  2. Joyce Shen - MSFT 16,701 Reputation points
    2021-04-12T06:13:18.99+00:00

    Hi @Michael Adams

    What's the quarantine reason for these emails? Like Andy suggest above, please check the configuration of their SPF and DMARC records.

    Like the issue in this thread: Emails getting stuck in quarantine, multiple SPFs, etc...

    Here is the official document introduces about How EOP works, you could check the configuration for your connection filter and anti-malware as well.

    If you have checked all the configurations properly, the issue still exists, we could consider feedback this issue to the o365 support.

    Ways to contact support for business products - Admin Help

    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
     

    0 comments
  3. Michael Adams 366 Reputation points
    2021-04-14T22:51:06.287+00:00

    I appreciate you guys getting back to me. I am a bit slow getting back, but I did do quite a bit of research based on your suggestions.

    At one point, I did find multiple SPF records. I got that fixed, but it did not clear the problem. I waited a few days, and still no improvement.

    We are sending these emails through a third party SMTP service. They require two DKIM records, which we have.

    We do not have a DMARC record. I will create one. Any tips on keeping the spammers from blasting the mailto addresses for rua and ruf tags?

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.