none
Honeypot

    Question

  • Does Microsoft EOP offer an email honeypot like feature where I can put in some old email addresses which help identity spammers?

    Thanks,

    Todd

    Friday, May 24, 2019 12:37 PM

All replies

  • Does Microsoft EOP offer an email honeypot like feature where I can put in some old email addresses which help identity spammers?

    Thanks,

    Todd

    You can set the spam filter policy to redirect suspected spam to a mailbox if you want. not sure there is any value anymore to using a  honeypot like that
    Friday, May 24, 2019 2:50 PM
    Moderator
  • I still receive a lot of email sent to user email addresses where the users have been gone for many years. Anyone sending to these email addresses is definitely a spammer.
    Friday, May 24, 2019 3:22 PM
  • I still receive a lot of email sent to user email addresses where the users have been gone for many years. Anyone sending to these email addresses is definitely a spammer.
    Yea, but does it matter? If those emails are still in your org, why? If not, then they will get rejected if you have Directory Edge Blocking set in 365 ( i.e the accpted domain is set to authoritative) 
    Friday, May 24, 2019 3:27 PM
    Moderator
  • Hi Todd,

    I'm just writing to check how's everything going? If you have any questions or needed further help on this issue, please feel free to post back. If the issue has been resolved, please mark the helpful replies as answers, this will make answer searching in the forum easier and be beneficial to other community members as well.

    Thanks for your understanding.


    Best Regards,
    Niko Cheng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, June 3, 2019 9:22 AM
    Moderator
  • Hi Niko,

    I would have to yes, it does matter. Why wouldn't we want Microsoft EOP to provide the best spam processing it can. There is no down-side to Microsoft EOP identifying additional spammers. So, are you saying Microsoft EOP does not have this functionality and is not planning to have it in the future?

    Thanks,

    Todd

    Tuesday, June 4, 2019 1:35 PM
  • Hi Niko,

    I would have to yes, it does matter. Why wouldn't we want Microsoft EOP to provide the best spam processing it can. There is no down-side to Microsoft EOP identifying additional spammers. So, are you saying Microsoft EOP does not have this functionality and is not planning to have it in the future?

    Thanks,

    Todd

    Just because the user doenst exist anymore doesnt mean its spam. It could be an old mailing they never unsubscribed from etc... But regardless, I still dont see the value. Your real users get enough junk, have them report that if desired. If anything, dont accept messages for users that do not exist anymore. That's the best anti-spam protection there is.

    As for EOP having a a honeypot, they really dont. I dont think the honeypot thing has been a thing for spam in many years. Theres just too much of it now and the dynamics have changed


    Tuesday, June 4, 2019 1:47 PM
    Moderator
  • You can use the Report Message Addin feature in outlook desktop and outlook online. As an admin you can enable for all users or specific users. Feature is explained in the article below

    The Report Message add-in for Outlook and Outlook on the web enables people to easily report misclassified email, whether safe or malicious, to Microsoft and its affiliates for analysis. Microsoft uses these submissions to improve the effectiveness of email protection technologies. In addition, if your organization is using Office 365 Advanced Threat Protection Plan 1 or Plan 2, the Report Message add-in provides your organization's security team with useful information they can use to review and update security policies.

    Friday, June 7, 2019 4:03 PM
  • You can use the Report Message Addin feature in outlook desktop and outlook online. As an admin you can enable for all users or specific users. Feature is explained in the article below

    The Report Message add-in for Outlook and Outlook on the web enables people to easily report misclassified email, whether safe or malicious, to Microsoft and its affiliates for analysis. Microsoft uses these submissions to improve the effectiveness of email protection technologies. In addition, if your organization is using Office 365 Advanced Threat Protection Plan 1 or Plan 2, the Report Message add-in provides your organization's security team with useful information they can use to review and update security policies.

    He wants a honeypot for addresses that *don't* exist.
    Friday, June 7, 2019 8:34 PM
    Moderator