Friday, July 06, 2012 11:49 PM
We just started with Exchange Online, and it now looks like we're not getting a lot of legitimate mail we should be getting. The missing mail is mostly mailing list stuff, so I'm thinking it's getting caught in the spam filter, but I can't find it.
Yesterday, I ran an e-mail traffic report in FOPE, and it reported 280 spam messages since I started the service three days ago. At that time, I also changed settings so that spam should go to quarantine instead of adding an x-header, and enabled quarantine notifications. At the time of these changes, there were 11 total messages in the junk mail folders of our users.
I ran another report this morning, and it reported 310 spam messages. So, it seems like there should have been around 30 messages in quarantine. However, looking at the quarantines for our users, I see only one spam message.
I received a quarantine notification last night with only one spam message listed. Strangely, the one message that is actually in quarantine is not the same message as was listed in the quarantine notice. The spam message in the notification isn't in quarantine, or anywhere else that I can find. If it's relevant, the quarantine notice was sent to an alias address for one of our accounts, not to the primary address. The missing mail is pretty much all to alias addresses and not to primary addresses.
Can anyone tell me what's happening to the mail we're not getting? Where can I view the 300+ spam messages that FOPE is reporting?
Sunday, July 08, 2012 10:57 PM
FOPE does not keep any email with it. Either it is going to deliver it to the Inbox or to the spam quarantine (if the spam action for the domain is spam quarantine, not Add X-header), or it will reject it and send an NDR to the sender. I believe you are looking at the Other spam column in the spam report. It includes emails that never reached your domain and were rejected due to bad IP reputation, emails that were marked as spam due to ASF, and also emails that were moved from the quarantine mailbox as not junk.
That is the reason why the number is that high and you are not able to find that many emails.
Unfortunately there is no place where you can find those 300+ emails.
If you want to see how many people received the notification, trace the email under the Tool tab in the FOPE admin center.
Use the sender address email@example.com, and the recipient will be your domain (e.g., contoso.com); then click on the search tab to trace the email from the date you set the notification.
If you have any legitimate email that you think was blocked let me know the sender and recipient email address and the date and time the email was sent.