Creating Exchange Online bypass spam rule – whitelist specific sender E-mail address | Part 3#6 5/5 (2) 5 min read

In the following article, we will provide “step by step” instructions for creating Exchange Online bypass spam rule, that will prevent the “spam check” that the Exchange Online mail server performs for a specific E-mail address.

The current article is the continuation of the former article. A quick reminder, in the previous article, we learn how to configure our WordPress site to address Exchange Online mail server.

We manage to successfully send E-mail to an organization recipient, but the main problem was that the E-mail that was sent from the WordPress site, was “stamped” as spam mail by the Exchange Online server (because we didn’t provide any user credentials).

Our request is – to “tell” the Exchange Online mail server not to treat E-mail that is sent from the WordPress site as a “problematic E-mail.”

In our scenario, the WordPress send E-mail by using the E-mail address – support@o365info.com

To be able to ” instruct ” Exchange Online not to execute the spam verification on the E-mail addresses support@o365info.com, we will create an Exchange Online rule that described as – bypass spam rule.

The rule will instruct the Exchange Online mail server to “stamp” each E-mail that sent from the E-mail address support@o365info.com using the SCL score of “-1”.

Creating Exchange Online bypass spam rule – whitelist specific sender E-mail address

Part 1#2 – configuring the “condition part” of the Exchange Online Bypass spam rule

  • Log in to the Exchange admin portal
  • On the left menu bar, select – mail flow
  • On the top menu bar, select –rules
  • Click on the plus icon
  • Select – Create a new rule…

Configuring bypass spam rule using Exchange Online for a specific sender -01

  • Click on the – More Options… link (by default, the interface of the Exchange Online rule, includes only a limited set of options. To be able to display the additional options, we will need to “activate” the More Options…).

Configuring bypass spam rule using Exchange Online for a specific sender -02

  • In the Name: box, add a descriptive name for the new rule.
    In our specific scenario, we will name the rule – Approve E-mail send by support@o365info.com
  • In the section named –Apply this rule if… click on the small black arrow

Configuring bypass spam rule using Exchange Online for a specific sender --03

Condition 1#1

  • Choose the primary menu –The sender…
  • In the submenu, select the option –Is this person

Configuring bypass spam rule using Exchange Online for a specific sender -04

  • In our example, we add the E-mail address of the “WordPress support” (support@o365info.com).
  • Click – Check names

Configuring bypass spam rule using Exchange Online for a specific sender -06

  • Click – OK

Configuring bypass spam rule using Exchange Online for a specific sender -07

Part 2#2 – configuring the “action part” of the Exchange Online Bypass spam rule

In this step, we configure the “second part” of the Exchange Online rule, in which we define the required Exchange response (action) to a scenario in which the “source sender” E-mail address is support@o365info.com

In our scenario, we ask from Exchange Online not to implement spam check on E-mail messages that sent by this recipient!

If we want to use more technical terms, we will instruct Exchange Online to set the SCL value of E-mail message that sends from the E-mail address support@o365info.com to “-1”.

In Exchange based environment, the meaning of SCL=-1 is translated into “this is a secure E-mail message”.

  • In the section named –*.Do the following… click on the small black arrow.

Configuring bypass spam rule using Exchange Online for a specific sender -08

  • Select the menu option –Modify the message security…
  • In the submenu, select – Set the spam confidence level (SCL)

Configuring bypass spam rule using Exchange Online for a specific sender -09

  • Click on the small arrow to select the required SCL value

Configuring bypass spam rule using Exchange Online for a specific sender -10

  • Select the option – Bypass spam filtering. The option of ” Bypass spam filtering” will
    stamp the E-mail message with the SCL value of “-1”.

Configuring bypass spam rule using Exchange Online for a specific sender -11

  • Click OK

Configuring bypass spam rule using Exchange Online for a specific sender -12

In the following screenshot, we can see the “final result.”
The Exchange Online Bypass spam rule includes two parts – the condition part and the action part.

  • Click Save

Configuring bypass spam rule using Exchange Online for a specific sender -13

Analyzing the information stored in the E-mail header.

To be able to understand better the process that is implemented by the Exchange Online bypass spam rule, we will analyze the information stored in the E-mail header.

In our example, we analyze the E-mail header content by using the Microsoft Remote Connectivity Analyzer

Just a quick reminder, in our scenario the WordPress site address Office 365 mail server without providing any user credentials.

Sender’s identity

In Exchange based environment, the information about the sender identity stored in a mail field named –X-MS-Exchange-Organization-AuthAs =Anonymous

In our specific scenario, we can see that the value that appears in the X-MS-Exchange-Organization-AuthAs is Anonymous

The meaning is that from the Exchange server point of view, the sender is “unknown.” Usually when the sender considered “unknown” and in addition, he uses the organization E-mail address (o365info.com in our example) this is a sign for a Spoof mail attack!

By default, Exchange server was supposed to stamp this E-mail message using high SCL value!

Analyzing E-mail header Exchange remote connectivity Analyzer- bypass spam rule Exchange Online sender -01

The E-mail message SCL value

Exchange stores the information about the “spam score” of specific E-mail in the mail field-
X-Forefront-Antispam-Report.

The “spam score” is represented by a value named – SCL (spam confidence Level).

The SCL grade range starts with -1 and end with 9

In our example, the SCL values identity “-1”.
The meaning is that Exchange Online server will not implement a “spam check” for this E-mail message because the SCL value “-1”, tell Exchange Online that the E-mail message is “trusted.”

Analyzing E-mail header Exchange remote connectivity Analyzer- bypass spam rule Exchange Online sender -02

Configure your WordPress site to send E-mail via Office 365 or SMTP mail server| Article series index

Now it’s Your Turn!
It is important for us to know your opinion on this article

Print Friendly

Related Post

Please rate this

Eyal Doron on EmailEyal Doron on FacebookEyal Doron on GoogleEyal Doron on LinkedinEyal Doron on PinterestEyal Doron on RssEyal Doron on TwitterEyal Doron on WordpressEyal Doron on Youtube
Eyal Doron
Share your knowledge.
It’s a way to achieve immortality.
Dalai Lama

One Response to “Creating Exchange Online bypass spam rule – whitelist specific sender E-mail address | Part 3#6”

  1. What about if I’m not using exchange online? Since I have a godaddy wordpress plan I can only use relay-hosting.secureserver.net . Please help

Leave a Reply

Your email address will not be published. Required fields are marked *