EOP

Microsoft upgraded their EOP anti-spoofing capabilities inside Office 365, which is good, but they didn’t tell anyone. The first users knew was when they started to receive messages stamped with “the sender failed our fraud detection checks” – something that is never assuring. This only applies to ATP customers, but it’s not the first time Microsoft has failed to communicate important news.

You know that Office 365 Groups have a mailbox and that the mailbox holds conversations and the group calendar. But many other folders exist in a group mailbox. Some are used for internal purposes, some by clients. And sometimes you want to look to see what those folders hold, as when some mail might have been misdirected to Junk Email.

Exchange Online Protection now highlights unauthenticated users – or messages that come from people who cannot prove their identity. Instead of a nice picture (or avatar), you see a question mark for the user. Maybe this might make people think twice about the opportunity to send money to someone to liberate funds held in a bank. Just maybe.

Microsoft has released the Report Message add-in for Outlook 2016 to help Office 365 users report when spam arrives into Inboxes or messages are incorrectly treated as Junk. It’s a good way to get information about new threats to Microsoft security researchers.

It’s impossible for an email hygiene service like Exchange Online Protection (EOP) to suppress every possible piece of malware that attempts to penetrate Office 365. Even the broad array of anti-malware techniques will let some small percentage of spam through. Email administrators need to be on guard all the time.