Forum Widgets
Latest Discussions
Mastering Outbound Spam Protection in Microsoft Defender and Exchange Online Protection (EOP)
In today’s cloud-driven landscape, protecting your organization’s email flow is not only about stopping inbound threats—it’s also about ensuring your users aren’t the source of outbound spam. Whether caused by account compromise, misconfiguration, or shadow IT, outbound spam can damage your domain’s reputation, trigger blacklists, and even lead to service throttling from Microsoft. What Is Outbound Spam? Outbound spam refers to unwanted or malicious messages sent from inside your organization to external recipients. These messages can originate from: Compromised accounts Misused shared mailboxes Automation scripts or connectors Forwarding loops Outbound spam can place your domain on blocklists, reduce deliverability, and ultimately erode trust in your brand Tools Used: Microsoft Defender + Exchange Online Protection Microsoft 365 includes built-in outbound protection via: Exchange Online Protection (EOP) for all tenants Microsoft Defender for Office 365 for advanced protection and insights Step-by-Step: Configuring Outbound Spam Protection in EOP Create and Apply Outbound Spam Policies Microsoft 365 Defender Portal → Email & Collaboration → Policies & Rules → Threat Policies → Anti-Spam Policies Select ->Create Policy → Outbound Spam Filter Policy Give the policy a clear name Apply granular scoping by selecting users, groups, or domains based on risk level Configure outbound spam policies in EOP Message limits sections Section configures the limits for outbound email messages from Exchange Online Set an external message limit Maximum number of external recipients a user can send messages to in a one-hour period Set an internal message limit Maximum number of internal recipients a user can send messages to in a one-hour period Set a daily message limit The maximum total number of recipients per day This limit encompasses both internal and external recipients Valid value is 0 to 10000 Restriction placed on users who reach the message limit Restrict the user from sending mail until the following day Email notifications are sent, and the user is unable to send any more messages until the following day, based on UTC time Restrict the user from sending mail User can't send email until they're removed from Restricted users by an admin After an admin removes the user from the list, the user won't be restricted again for that day limit reset to zero No action, alert only Email notifications are sent Forwarding rules section controls automatic email forwarding by Exchange Online mailboxes to external recipients Automatic - System-controlled - system to manage the automatic forwarding of email messages to external recipients On - Forwarding is enabled: Automatic external email forwarding isn't disabled by the policy Off - Forwarding is disabled: All automatic external email forwarding is disabled by the policy Disabling only automatic forwarding messages to external addresses Outbound spam policies don't affect the forwarding of messages between internal users Notifications section You can configure additional recipients who should receive copies and notifications of suspicious outbound email messages Send a copy of suspicious outbound messages that exceed these limits to these users and groups Specify users or groups within your organization who should receive copies of outbound email messages that exceed the defined sending limits Setting adds the specified recipients to the bcc field of suspicious outbound messages Setting works only in the default outbound spam policy. It doesn't work in custom outbound spam policies Notify these users and groups if a sender is blocked due to sending outbound spam Allow you to configure who should receive a notification when a sender is blocked for sending outbound spam This setting is in the process of being deprecated from outbound spam policies Strongly recommend that you use the alert policy rather than this setting in the outbound spam policy to notify admins and other users Remove blocked users from the Restricted entities page Email & collaboration > Review > Restricted entities The user is restricted from sending email, but they can still receive email. Alert settings for Restricted users Automatically notifies admins when users are blocked from sending email Email & collaboration > Policies & rules > Alert policy Search Policy Name: User restricted from sending email Managing outbound spam is more than configuring a few switches—it's about having a layered defense posture. Microsoft Defender for Office 365 and Exchange Online Protection give you the visibility, automation, and control to protect both inbound and outbound mail traffic Managing outbound spam isn’t just about setting limits—it’s about shaping a layered, intelligent policy landscape Detects malicious senders Alerts admins in real time Automatically blocks abuse Protects domain trust and email deliverability With Microsoft Defender for Office 365 and EOP, you have everything you need to build a resilient outbound protection frameworkWhat triggers Microsoft's cloud filtering layer to assign a Spam Confidence Level (SCL) score?
Calling all Exchange and Microsoft 365 experts! I am investigating why two messages (received by the same recipient) sent from the same sender, domain, IP, and infrastructure received different Spam Confidence Level (SCL) scores from Microsoft’s cloud filtering layer (Exchange Online Protection). Message 1 (SCL 1): Delivered to Inbox Message 2 (SCL 5): Routed to Junk Both messages: Passed SPF, DKIM, DMARC, and CompAuth Had identical spam rule triggers and phishing scores Used the same HELO/EHLO and PTR records The only differences were: Slightly different routing paths and engine codes Subtle differences in message body content Question: What specific factors or heuristics in Microsoft’s cloud filtering layer could cause a change in SCL scoring for messages that appear nearly identical in infrastructure and authentication? Any insights into how SCL scoring is dynamically influenced would be greatly appreciated! Thank you in advance to whoever can shed some insight into this!!! Maxim P.S. headers can be provided, if that helps.
Microsoft Teams issue.
At Chillibreeze, our team depends heavily on Microsoft 365 and Microsoft Teams to drive collaboration, communication, and productivity across departments. However, we are currently experiencing persistent performance issues with the new Teams client that are disrupting our daily workflows: Teams freezes when activating the camera or initiating screen sharing during meetings Channels and chat windows scroll automatically without any user interaction, making navigation difficult and disorienting These issues have become increasingly disruptive, especially during high-stakes meetings, client presentations, and internal project reviews. Troubleshooting Steps Taken: To date, we have attempted the following actions across multiple devices and user accounts: Cleared the Teams cache. Reinstalled the Teams app entirely (clean uninstall and reinstall) Updated BIOS and camera drivers to the latest available versions Ensured all Windows and Microsoft 365 updates are current Despite these efforts, the issues persist. We are currently using Microsoft Teams Version 25163.3611.3774.6315 (New Teams app) on Windows 11 machines with up-to-date specs. Request for Support and Community Insight: We are reaching out to Microsoft community, Microsoft 365, and the wider community to ask: Are other organizations experiencing similar issues with the New Teams app? Have any workarounds or configurations proven effective? Is there an ETA for a fix or acknowledgment of these issues from Microsoft? We value the reliability of Microsoft Teams and are hopeful that a solution can be identified promptly, as the current instability is having a tangible impact on our team’s productivity and morale. Any assistance, insights, or escalation support would be greatly appreciated.Microsoft Learning Rooms have moved to Tech Community!
We’re excited to announce the launch of Microsoft Learning Rooms—now live in the Groups tab of the Microsoft Learn Tech Community Hub! 👉 Join a Learning Room today and take your skills to the next level. Make sure to join the Learning Rooms you want, and don’t forget to hit the 🔔 Bell icon so you never miss an update! These dedicated spaces are hosted by Microsoft Learn Experts and are designed to help you: ✅ Get your questions answered in real time ✅ Join exclusive events and discussions ✅ Connect with peers and professionals on your learning journey ✅ Stay up to date with the latest Microsoft Learn resources and updates Whether you're just starting out or looking to deepen your expertise, there's a Learning Room for you. Explore topics across Azure, Microsoft 365, Power Platform, AI, and more! Let’s learn together. See you in the rooms! 😊
SC-300 exam and course content are very different
I failed my SC-300 exam with Pearson VUE on July 6th. I prepared myself with the official training course on https://learn.microsoft.com/en-us/training/courses/sc-300t00 There's a practice available on https://learn.microsoft.com/en-us/credentials/certifications/identity-and-access-administrator/?practice-assessment-type=certification where it says that this test will "provide you with an overview of the style, wording, and difficulty of the questions you're likely to experience on the exam" Therefore, I was confident going into the test with a 96% score on the practice assessments. I did about 4 or 5 runs to be sure I was able to pass different sets of questions. Once into the exam, I was shocked it didn't include none of the questions of the practice assessment. Furthermore, the question's subjects were very different from the training course. There's a huge discrepancy between the training course / practice assessment and the real exam. Now I'm trying to find the updated documentation and practice assessment, so I can have a better chance next time. Any help would be much appreciated. English is not my first language, I apologize for any grammar mistakes.
Linking AZ-400 exam to the Microsoft Partner Center
I recently passed the AZ-400 exam and would like to connect this accomplishment to my company's partner center, but I have encountered a lot of trouble and have yet to successfully connect the exam to the partner account. The e-mail address I used to take the exam was my work e-mail, which I used to sign up for Microsoft Learn, as my employer and I believed this would be the easiest route to connecting the exam to the partner account after passing the exam. After passing the AZ-400, we tried to connect the AZ-400 exam and received an odd error message saying my account had no certificates or exams, despite seeing the exam in my Microsoft Learn achievements. So we tried linking my work account to my personal account, in order to try and connect my personal Microsoft Learn profile with the partner account. This also did not work. At this point, we are stumped as to how we can move forward and connect my Microsoft Learn profile with the Microsoft Partner Center. To sum things up, I have the AZ-400 exam in my Microsoft Learn profile I was unable to connect my personal and work Microsoft Learn profiles with my company's partner account, as the exam was not recognized Can anyone help me with this issue or has someone seen it before?
Prioritize Your Pipeline to Sell More with Less Effort
July 9 | 1 PM EST ➡️ Save your seat We'll share how to assess and prioritize your pipeline so you can focus on the deals most likely to convert. Learn how Carve prioritizes deals—what to look for, what to avoid, and how to move faster with less effort. Learn how to: Spot high-impact deals most likely to close via Marketplace Filter out distractions and stop wasting time on low-probability opportunities Identify what Microsoft sellers actually care about so your deals get noticed ➡️ Save your seat
Microsoft Certification Exam Voucher - AI Skills Fest Challenge
Dear Community, I am writing to you regarding a Microsoft Certification exam voucher I received as a winner of the Microsoft AI Skills Fest Challenge Sweepstakes. I understand its expiration date was June 21, 2025. Unfortunately, due to an oversight, I was unable to schedule and take my exam before the expiration date. I would be incredibly grateful if you would consider my situation and advise if there is any possibility of an extension or a new voucher being issued. I was very much looking forward to utilizing this opportunity to achieve a Microsoft Certification. Thank you for your time and consideration.
