Junk E-Mail what is going on?
February 1, 2014
Did you know that Outlook and Exchange both have their own antispam filtering mechanism and that they are working independent?
Have you ever been wondering why Outlook still places emails in “Junk E-mail” folder even when you have turned “Junk E-Mail” filtering off?
In this post I will try to Explain why and what to do. As usual this is taken from daily experience at customers.
Lets simulate a real life scenario.
We receive an E-mail from Billy Bob and it is placed in the ‘Junk E-mail’ folder. From Outlook 2007 SP2 and up the infobar will tell if Exchange or Outlook did this. As we can see Outlook Junk Email filter marked this message as spam.
Lets check the Junk E-mail Options.
As we can see it’s turned on – set to “low”.
Now lets check the MailboxJunkEmailConfiguration in Exchange.
As you can see ‘Enabled’ is set to ‘false’. Thats not the default setting, but I changed it prior to this test.
Now when we know that only Outlooks Junk Email filter is active, lets try to add Billy Bob to the ‘Safe Senders’ list.
Even though both Outlook and Exchange have their own filters, these lists are common. As you can see, you can also see what was added in the Outlook client, using the Get-MailboxJunkEmailConfiguration cmdlet.
Now lets ask Billy Bob to send a new email. As expected it now goes to the Inbox.
An interesting thing to know is that Outlook doesn’t care about what SCL level Exchange gives the message. It lives its own life, except if the SCL is set to -1. I usual add a transport rule at customers which sets the SCL to -1 on every e-mail containing their own domain in the email address. Why? Due to the fact that they will let printers and scanners relay mails anonymous. To prevent all the scanned documents go to ‘Junk Email’ I’ll create a transport rule.
Now lets create a transport rule, setting the SCL to -1 for the klaphat.com domain. We will also remove firstname.lastname@example.org from the Safe Senders list again so we can see if this works.
Now the mail (Test 3) goes directly to the inbox.
Lets take a look at the emails header just to see if we can verify that Exchange did set the SCL to -1. We will look for the X-MS-Exchange-Organization-SCL attribute.
What will happend if adds Billy Bob to the block list? Who will win? Exchange or Outlook?
Lets check its the setting can be seen in Exchange.
Now Billy Bob sends a new message and as we can see it goes to the ‘Junk E-Mail’ folder. That makes sense. Even though we change the SCL to -1 we still tells Outlook to move it to ‘Junk E-mail’.
But what would happend if we didn’t let Outlook see the message? If we ask Billy Bob to send another message and we log in to the OWA instead. Lets try and see.
I guess you llready knew what was going to happen. Since we have disabled Junk Email completely in Exchange, the message will go to the Inbox.
Now when we start Outlook to read the message, there will be no surprise when Outlook moves the message to “Junk E-Mail”, because that is excactly what will happen.
Now lets try one last thing. Lets enable the JunkEmailConfiguration in Exchange and try one more time.
We are using the Set-MailboxJunkEmailConfiguration stp -Enabled:$true
Now Billy Bob sends one more e-mail. And we will log into the OWA and see what happends.
Now it goes to the Junk E-Mail folder and thats because we turned this feature on in Exchange.
My goal with this post was to make clear that both Outlook and Exchange have their own junk e-mail mechanisms.
They can be turned on and off independant of each other. The only thing they have in common is the ‘Safe Senders’ (called Trusted Senders in Exchange) and the ‘Blocked Senders list.
Sometimes this can be very confusion not at least for the end users.
My recommendation is to turn off smart filter screening in both Outlook and Exchange and then have a 3rd party screening your mails for spam. This could be an Microsoft Exchange Edge server, a partner or an appliance e.g. Barracuda Spam Firewall or Vircom Modusgate.
Thanks for reading.