High Risk Delivery Pool and Exchange Online | Part 10#17
Eyal Doron o365info.com
AGENDA
• Who is the authority that approves or identifies E-mail as spam\junk mail?
• Outbound spam scenario flows in an Office 365 environment
• Recap and final conclusions

High risk delivery pool and Exchange Online - part 10 of 17

Editor's Notes

  1. This article is the continuation of the former article: High Risk Delivery Pool and Exchange Online | Part 9#17. In this article we will focus on the following subjects:
     • How does Exchange Online “decide” to classify a specific E-mail as spam\junk mail?
     • Description of the internal spam E-mail message flow
  2. When an Office 365 recipient asks to “deliver” an E-mail to another recipient, Exchange Online (EOP, if we want to be more accurate) must check the E-mail message and verify that it is “OK”, meaning that it is not considered spam\junk mail. The “security scanning process” of an outbound E-mail message is implemented by addressing two types of “security infrastructures”:
     • Proprietary block lists, which are not “exposed to the general public”
     • Third-party (partner) public block list providers

     Exchange Online Protection (EOP) uses its own proprietary block lists as well as third-party (partner) block lists. If a user is placed on our block lists after sending outbound messages through the service, they’ll receive a 550 5.1.8 Access Denied, Bad Sender message. Additionally, the domain administrator address configured via the “Send a notification to the following email address when a sender is blocked sending outbound spam” setting in the outbound spam policy will receive a message that the sender was placed on our block lists. [Source of information: Request that a user, domain, or IP address be removed from a block list after sending outbound spam]

     In the following diagram, we can see a “high level” flow of the process in which Exchange Online scans an outgoing E-mail message sent by Office 365 users, with the help of the “black and block list databases”.

     Note – the popular term is “black list” providers. In the Office 365 and Exchange Online articles, the term that is used most of the time is “block list” providers. We can treat these two terms as synonyms.
  3. Q: Who are these “mysterious” third-party (partner) public block list providers?
     A: Information about these third-party (partner) public block list providers is publicly published. For example, to get more information about the third-party (partner) public block list providers that are used by Office 365 and Exchange Online, you can read the following article: Request that a user, domain, or IP address be removed from a block list after sending outbound spam. The article includes a list of the third-party (partner) block list providers that are used by the Exchange Online infrastructure.
  4. To demonstrate the flow of “internal spam E-mail”, let’s use the following scenario: an Office 365 user sends an E-mail to a “destination recipient”. The E-mail message is scanned and identified as spam\junk mail. For this reason, the E-mail message is routed to the Exchange Online High Risk Delivery Pool, which will send it to its destination. The “end” of the scenario is not known, because we cannot know which security policy and rules will be applied by the destination mail infrastructure.
  5. Step 1 – An Office 365 recipient sends an E-mail to an external recipient. The request is accepted by the Exchange Online server.
  6. Step 2 – Exchange Online accepts the E-mail message and forwards it to Exchange EOP (Exchange Online Protection) for further analysis.
  7. Step 3 – Exchange EOP accepts the E-mail message and forwards it to the proprietary block lists + third-party (partner) block lists.
  8. Step 4 – The E-mail message is examined by the block list providers. In our scenario, the E-mail message was identified as spam\junk mail. The block list provider sends the E-mail message back to Exchange EOP and “informs” EOP that the E-mail is a “problematic E-mail message”.
  9. Step 5 – Because the E-mail message was identified as spam\junk mail, Exchange EOP will not “forward” the E-mail message to the standard Exchange Online server pool. Instead, the E-mail message will be forwarded to the “Exchange Online High Risk Delivery Pool”.
  10. Step 6 – One of the “High Risk Delivery Pool” members will try to deliver the E-mail message to the destination mail server. The basic assumption is that the “destination mail server” uses security services in which incoming E-mail is scanned and verified via a blacklist provider and other security mechanisms. In our scenario, there is a high chance that the E-mail message will be classified as spam\junk mail by the “destination mail server”, because the IP address of the Exchange Online High Risk Delivery Pool appears in well-known blacklists.

      Note – another possible scenario is that the E-mail message will be identified as spam\junk mail because of the E-mail content, and not because the E-mail message was sent via the Exchange Online High Risk Delivery Pool.
  11. Step 7 – The mail security infrastructure that is used by the “destination mail server”. Each “external mail infrastructure” uses a different mail security policy and different services:
      • In some scenarios, the “destination security mail gateway” will block the E-mail message and reply with an NDR message.
      • In some scenarios, the “destination security mail gateway” will send the E-mail message to quarantine.
      • In some scenarios, the “destination security mail gateway” will increase the value of the SCL (spam confidence level) and forward the E-mail message to the destination recipient.

      An example of an NDR message

      In the following section, we can see an example of an NDR message that was returned to an Office 365 recipient by the “destination mail server”. Pay attention to the IP address that appears in the NDR message. This is an IP address that “belongs” to the IP range of the “High Risk Delivery Pool”.

      Remote Server returned ‘550-5.7.1 [157.56.116.102 ] our system has detected an unusual rate of 550-5.7.1 unsolicited mail originating from your IP address. To protect our 550-5.7.1 users from spam, mail sent from your IP address has been blocked. 550-5.7.1 Please visit http://www.google.com/mail/help/bulk_mail.html to review 550 5.7.1 our Bulk Email Senders Guidelines. p10si13699322wje.90 – gsmtp’
  12. In a scenario in which we are notified that mail sent from our organization is classified as spam\junk mail, the main question is: what is the reason (the cause) that mail sent from our organization is identified as spam\junk mail? Or, in simple words: who can we blame?
      • Is it the Office 365 users?
      • Is it the specific E-mail message content?
      • Is it the Exchange Online server that routes the E-mail message to the “High Risk Delivery Pool”?
      • Is it the “High Risk Delivery Pool”?
      • Is it the Office 365 blacklist providers?
      • Is it the destination mail security gateway?

      Most of the time, our natural tendency will be to blame the “other side”. The “other side” could be the destination mail server or, in our scenario, the Office 365 mail servers. The true answer is that, in most scenarios, the opposite is true. The element that is responsible (guilty) for the fact that an E-mail message sent by a user in our organization is identified as spam\junk mail is located on “our side”! If we want to be very specific: the Office 365 users who “write and send the specific E-mail message”. The “source of the problem” starts with the “problematic E-mail message” that was created by the Office 365 user. The “problematic E-mail message” is the root of all the rest of the process.

      Note – in a malware scenario, the “problematic E-mail message” is created by the malware and not by the user himself.

      When Exchange Online recognizes the E-mail message that was created by the Office 365 user as spam\junk mail, it routes the E-mail message to the Exchange Online “High Risk Delivery Pool”, and so on. When the E-mail message reaches its destination, there is a reasonable chance that the “destination mail server” will block the E-mail message, either because it was sent by the Exchange Online High Risk Delivery Pool or because the destination server also “sees” the problematic content of the E-mail message.
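
The two rejection texts quoted in notes 2 and 11 point at different causes, and an administrator triaging NDRs can tell them apart mechanically. The Python below is an added example, not part of the original slides or of any Microsoft tooling: it removes the interleaved multi-line SMTP reply markers, extracts the status codes and the bracketed IP address, and sorts the NDR into the situations the notes describe. The function names, the result labels and the `POOL_NETWORKS` list (seeded only with the single address shown in note 11) are assumptions.

```python
import ipaddress
import re

# NDR text as quoted in note 11 of the page (quote marks normalised to ASCII).
SAMPLE_NDR = (
    "Remote Server returned '550-5.7.1 [157.56.116.102 ] our system has detected an "
    "unusual rate of 550-5.7.1 unsolicited mail originating from your IP address. To "
    "protect our 550-5.7.1 users from spam, mail sent from your IP address has been "
    "blocked. 550-5.7.1 Please visit http://www.google.com/mail/help/bulk_mail.html to "
    "review 550 5.7.1 our Bulk Email Senders Guidelines. p10si13699322wje.90 - gsmtp'"
)
# Constructed sample built from the status text quoted in note 2.
SAMPLE_EOP_BLOCK = "Remote Server returned '550 5.1.8 Access Denied, Bad Sender'"

# Assumption: the page names only this one pool address; replace it with the
# ranges you have confirmed for the High Risk Delivery Pool.
POOL_NETWORKS = [ipaddress.ip_network("157.56.116.102/32")]

# "550-5.7.1 " marks a continuation line, "550 5.7.1 " the last line of a reply.
MARKER = re.compile(r"\b([245]\d{2})([- ])([245]\.\d{1,3}\.\d{1,3})\s+")
BRACKETED = re.compile(r"\[\s*([0-9A-Fa-f:.]+)\s*\]")


def parse_ndr(text):
    """Return reply code, enhanced status, reported IP and de-interleaved text."""
    markers = list(MARKER.finditer(text))
    if not markers:
        return None
    first = markers[0]
    message = " ".join(MARKER.sub("", text[first.start():]).split()).rstrip("'\"")
    ip = None
    found = BRACKETED.search(message)
    if found:
        try:
            ip = ipaddress.ip_address(found.group(1))
        except ValueError:
            ip = None  # the bracketed token was not an IP address
    return {
        "reply_code": first.group(1),
        "enhanced": first.group(3),
        "permanent": first.group(1).startswith("5"),
        # A reply whose last marker still uses "-" was cut off before its final line.
        "complete": markers[-1].group(2) == " ",
        "reported_ip": ip,
        "message": message,
    }


def triage(text, pool_networks=POOL_NETWORKS):
    """Map an NDR to one of the situations described in the notes."""
    ndr = parse_ndr(text)
    if ndr is None:
        return "unparsed"
    if ndr["enhanced"] == "5.1.8":
        return "sender-blocked-by-eop"       # note 2: sender is on an EOP block list
    ip = ndr["reported_ip"]
    if ip is not None and any(ip in net for net in pool_networks):
        return "rejected-high-risk-pool-ip"  # note 11: remote server refused a pool IP
    if ndr["enhanced"].startswith("5.7."):
        return "rejected-by-remote-policy"   # policy rejection, no pool IP reported
    return "other"
```

A `rejected-high-risk-pool-ip` result means the message had already been classified as spam on the sending side, so the follow-up is with the sending mailbox (compromise, malware or bulk content) rather than with the destination server.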