In the Office 365 service, we have made a change to the way the service detects bulk email. In the past, we lumped all Bulk email together. For example, suppose you had four messages with the following Subject lines and other characteristics:
- Subject: Your Daily Deal-of-the-Day!
You signed up for this newsletter once a long time ago, and you read it once per week. - Subject: Attend an upcoming webinar for a product you don’t care about!
You were at a conference one time and put your business card in a fishbowl for a drawing for a free iPad Air, but you didn’t win. Unfortunately, you didn’t realize that by giving away your business card you were “consenting” to the people behind the draw to add your name to their email list. - Subject: Security News: Company A releases an updated version of its product
You’re a security professional and you want to get up-to-date news on what’s out there. You signed up for this email and read it every day. - Subject: The latest Back to School special
You were buying something one time at a large retailer and in order to get 10% off your purchase of pencils, you gave them your email address. Little did you know, this meant signing up to receive advertisements via email. Who reads the fine print on receipts, anyway?
Looking over these types of bulk email, some of them (#3) are more desirable than others (#2). In Office 365, we used to mark all of these as bulk email and then give customers the ability to mark them as spam using an Advanced Spam Filtering (ASF) rule.
The problem with this is that it was a balancing act – if we added them all, some people would say that they wanted their Security Newsletters that they signed up for. If we didn’t add them all, people would say that the upcoming webinars were spam and they wanted them blocked. But if we then blocked the webinars, people would say “Where’s my webinar newsletter?” (Albeit, this was a smaller proportion of the population).
There was no balancing act that could please everyone.
Until now.
Office 365 now uses the concept of Bulk Complaint Levels, or BCLs. The BCL is assigned only to bulk emailers. The higher the BCL, the more likely a bulk emailer is to generate complaints from end users. In this regard, it is the same as the Spam Confidence Level (SCL – the higher it is, the more likely it is spam) and Phishing Confidence Level (PCL – the higher it is, the more likely it is Phishing).
The BCL is stamped in the X-Microsoft-Antispam header:
X-Microsoft-Antispam: BCL:6;
Thus, rather than marking all Bulk email as spam, customers can set their own thresholds. If you want to get rid of the Bulk mailers that generate the most complaints, then block only BCL 9. This would still allow most bulk email.
However, if you want to block most – or all – bulk email, then choose a lower threshold such as BCL 1. This will cause a tradeoff between bulk email in the inbox, but will also generate false positives. BCL 6 is the default level but this is subject to change.
This setting is currently managed using Exchange Transport rules. To learn how to set this up, see the below article:
Use transport rules to aggressively filter bulk email messages
http://technet.microsoft.com/en-us/library/dn720438(v=exchg.150).aspx
This represents a much better method for stopping bulk email. Customers can now pick their own level of aggressiveness for filtering bulk rather than relying on a Service-Wide setting that includes many different customers with different receiving profiles.
I hope you find it useful.
Related Articles
- How to create more aggressive Bulk email settings in Office 365 (this article is much more aggressive than BCLs)
http://blogs.msdn.com/b/tzink/archive/2013/10/09/how-to-create-more-aggressive-bulk-email-settings-in-exchange-online.aspx - How to set up safe and blocked senders in Office 365
http://support.microsoft.com/kb/2545137 - Antispam Protection FAQ
http://technet.microsoft.com/en-us/library/jj937231(v=exchg.150).aspx - Advanced Spam Filtering Options
http://technet.microsoft.com/en-us/library/jj200750(v=exchg.150).aspx - Spam Confidence Levels
http://technet.microsoft.com/en-us/library/jj200686(v=exchg.150).aspx