If you're a user of Office 365 with a hosted mailbox, there may be times when a message ends up in your inbox despite the fact that it was marked as spam. When this occurs, it may be because you have (somehow) disabled junk mail filtering. When this occurs, email is still marked as spam, but instead of going to your Junk Email folder, it lands in your inbox.
How to tell something strange is going on
If something is clearly spam, and you never used to get lots of spam in your inbox, and now you are getting much more than normal, check the message headers. You can get the headers in Outlook Web Access (OWA) or Outlook using the instructions here: When creating support tickets about spam, be sure to include message headers.
Look for the X-Forefront-Antispam-Report header, specifically looking for the SFV property. If you see any of these:
- SFV:SPM (message marked as spam due to spam filter)
- SFV:BLK (message marked as spam because it's on your blocked senders list)
- SFV:SKS (message marked as spam because an Exchange Transport Rule [ETR] marked it as spam)
Then the message should have been delivered to your Junk Email folder.
How to fix this if you are a regular user
There are multiple reasons why this could occur, but the most common is that the setting that moves your spam to Junk Email has been disabled. To fix this: Settings/Options > Mail > Mail > Accounts > Block or allow > Automatically filter junk email
In most cases, this will resolve the problem. If it doesn't you will need to contact your local Help Desk.
How to fix this if you are an administrator
As an administrator, you can also see if the user has mailbox filtering enabled using Powershell. It's pretty easy:
$email= "user@example.com" $junk = Get-MailboxJunkEmailConfiguration -Identity $email $junk | fl Enabled Enabled : False
You can then run Powershell to change this:
Set-MailboxJunkEmailConfiguration -Identity $email -Enabled $true
That will flip the user's setting to move spam to the Junk Email folder.
When would you not want spam moved to the Junk Email folder?
When do you intentionally want to turn this off?
In my personal domain (I get email both to Gmail and to Office 365 for personal email and newsletters), I have Junk Email filtering disabled on purpose. The reason is that I download my email via IMAP, although I also use the Outlook iOS email client as well. When I do that, the email clients don't download my Junk Email folder, and I get legitimate email in there - primarily newsletters (prompting me to write the article How to securely add a sender to an allow list in Office 365).
Here's what I did:
- I changed my spam filter policy to modify the subject to prepend spam messages with [SPAM]
- I disabled my junk email filtering on my personal mailbox
- I created a folder just for Spam, calling it _Spam
- I wrote an Inbox rule in Office 365 to move messages that are marked as spam (by looking through headers) to the _Spam folder
That way, my email clients will download the spam folder and I can look for false positives.
I don't recommend other people do this unless you're a power user like myself. I have reasons for doing this that the average user just doesn't have (I test our service all the time using myself as a guinea pig). I am not concerned about accidentally clicking on spam, nor on being fooled that a spam/phish/malware is actually legitimate.
But that's one reason why someone might not want to move spam to the Junk Email folder. It's why I do it.
But nobody else I know does. That's okay, too.