Forum Discussion
Junk Email not working in Hybrid setup
We have an Exchange 2010 on-premise with a Hybrid config to Exchange Online. All mail coming and going out of the company is through our on-premise gateways. The problem we are having is for mailboxes that move out to Exchange Online, nothing is going into the Junk Folder even with explicit senders in the blocked senders list. I found that all email going to the mailboxes on Exchange Online have a Spam Confidence Level of : -1 which means nothing will ever go to Junk Folder. I have tried creating a transport rule on the Exchange Online side to check for a header and when found, set the SCL to 0. I know the header is firing, but the SCL continues to be -1. I am not sure what else to try. Looking for ideas. Thank you.
2 Replies
I don't think the issue is the SCL as I would expect the value to be set to -1 in a centralized hybrid deployment. Take a look at the Authentication-Results and Received-SPF header values and it should be showing that the messages are being received from a trusted location (your hybrid servers) which automatically sets the SCL to -1.
EOP should still be using the individual blocked senders list though. Are you defining the safe/block list at the organization level policy or on an individual user mailbox? If the later, I would assume you are using Outlook to manage these lists and are relying on safe list aggregation to EOP. If you run Get-MailboxJunkEmailConfiguration for the reference mailbox, are the correct items showing for the BlockedSendersAndDomains attribute?
Found the problem! The receive connectors for getting the email from our gateways had Exchange Servers listed under Permission Groups. This caused the X-MS-Exchange-AuthAs Internal header to be added when the email came in. With this header, when the email gets forwarded on to EOP, EOP sees it and stamps it as SCL-1 which was causing the email to not go into junk.
The fix: Un-check Exchange Servers under Permission Groups for the receive connectors.
Lots of stuff arriving in Junk folder now.
