MC894576 - Exchange Online: Update to bulk email filtering for enhanced accuracy

Service

Exchange Online
Microsoft Defender XDR

Published

Sep 21, 2024

Tag

Feature update
Admin impact

Summary

Exchange Online is updating bulk email filtering for better accuracy, factoring in intermediaries and enhancing BCL scores, especially when CAUTH is set to None. Rollout begins early October 2024, with completion by late October. Admins should review logs and prepare for changes in bulk email management.

More information

We are continuously refining our defense-in-depth approach, ensuring optimal protection when intermediaries are involved in your email traffic. We're enhancing the assignment of Bulk Complaint Level (BCL) scores when connectors are utilized, particularly for instances where Composite Authentication (CAUTH) is set to None.

We are rolling out a significant update that will result in more accurate BCL scoring for bulk emails. This adjustment ensures that the presence of intermediaries is factored into the scoring, making bulk email filtering more consistent and reflective of the actual sender's reputation. As a result, organizations can expect enhanced email filtering precision, leading to more reliable and effective management of bulk emails.

When this will happen:

General Availability (Worldwide, GCC, GCC High): We will begin rolling out early October 2024 and expect to complete by late October 2024.

How this will affect your organization:

  • Admins using connectors may observe changes in bulk email filtering as the new BCL scoring system provides more accurate reflections of bulk email traffic. This update will automatically be available by default, and admins should expect to see these changes reflected in their filtering logs and reports.
  • After the rollout, admins can expect to see an increase in the volume of bulk emails reflected in their Threat Protection Status (TPS) report. Specifically, when viewing data under Email > Spam and breaking down the chart by Detection Technology > Bulk, the updated scoring will provide a clearer insight into bulk email traffic handled by the system.

What you need to do to prepare:

Review your email filtering logs to assess the impact of the updated BCL scoring. Admins should also evaluate any custom rules or configurations in place and make necessary adjustments to optimize filtering based on the new scoring system.

For more details on BCL scoring and how it impacts your email security, see Bulk complaint level (BCL) in EOP.