Forum Discussion
BCL Values
You could use the Mail traffic reports from the https://technet.microsoft.com/en-us/library/dn500744%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396#BKMK_Viewmailprotectionreportsintheoffice365admincenter or from powershell using the https://technet.microsoft.com/en-us/library/jj200682%28v=exchg.160%29.aspx?f=255&MSPPError=-2147217396 cmdlet
Or you could look at why you are getting the spam/phishing and resolve the issue in other ways. For example, if it is phish have you enabled DMARC on your domain and worked towards a quarantine or reject policy.
Ensure that groups that do not need to receive from internet are set to block unauthenticated connections (groups made back in the 2003 timeframe default to this)
Consider using the spam filter policy to move high category spam to reject and medium to junk mail or end user quarantine
Train users in the Outlook reject sender options to they have personal blocklists
Ensure that all your mail routes through a cloud filter first, and that this is the first hop (I.e. MX to Exchange Online Protection) and not MX straight to your servers or to a device that is not a spam filter (you don’t outline what service you are using for spam filtering so some of the above you may be doing already)
We're doing most of what you suggested already; just the BCL deal threw us off.