Mailprotector modified SpamCop results' scoring last week to reduce false positives on emails from Microsoft's Exchange Online (M365). Unfortunately, the modification did not have as much impact as we had hoped. Microsoft continues to have a range of IP addresses listed on the SpamCop database.
After careful consideration, Mailprotector will continue to perform the SpamCop check but exclude it from the scoring process until further notice.
We will continue to monitor the situation.
Posted Jan 24, 2024 - 12:36 EST
Update
A sensitivity adjustment has been implemented to reduce the false positive rate on SpamCop results from Microsoft's IP addresses.
Mailprotector will continue to monitor the situation. Please be aware there is a very low probability spam leakage may occur on an email with only a SpamCop signal, but the reduction in false positives should be noticeable.
Posted Jan 17, 2024 - 16:32 EST
Monitoring
In the last few weeks, Microsoft has experienced email reputation problems that resulted in their IP addresses getting listed with SpamCop. Mailprotector has been monitoring the situation, and we've attempted to mitigate the impact on CloudFilter and SafeSend, but ignoring the signals from SpamCop would introduce a significant risk.
Unfortunately, Microsoft is responsible for correcting the behavior that is causing their IP reputation problems. The situation is complex when the recent spam reports from onmicrosoft.com domains are added to the variables at play.
False positives can be frustrating, and Mailprotector attempts to minimize false positive rates without sacrificing sound security practices. Microsoft's infrastructure is considered a high-risk source, given the frequency of compromised mailboxes and impersonation using the onmicrosoft.com domains. Therefore, we expect a higher-than-normal false positive rate from M365-hosted domains.
Mailprotector's team is monitoring the situation, addressing false positives strategically, and assisting partners as best we can. M365-hosted domains using a smart host, such as Mailprotector, are better positioned for successful email deliverability. Domains without a smart host and relying on Microsoft's email infrastructure are most affected.
Mailprotector will provide more information if we receive it. Thank you.
Posted Jan 17, 2024 - 12:30 EST
This incident affected: CloudFilter and SafeSend Email Security.