Introduction

It has been brought to our attention that Microsoft recently updated its anti-phishing engine in Microsoft 365, which has led to an increase in HCS-Company Microsoft Services invoices being marked as spam due to:

  • Brand Impersonation (our company has the name Microsoft in it)
  • Different Return Path than sender email address (we use SendGrid to send email)
  • Request for payment (which is kind of the point with invoices)


Mail Flow rule in Office 365 for safely receiving HCS-Company Microsoft Service invoices

  1. Log in to the Exchange admin center (microsoft.com)
  2. Click Rules
  3. Click Add a rule - Create a new rule
  4. Click More options... to make all conditions and actions available before actually creating the rule
  5. Give the rule a meaningful name, for example: HCS-MS invoice reception
  6. Click on Apply this rule if... and select A message header includes. For Specify header name, use Authentication-Results. For Specify words or phrases, use dmarc=pass and, using the + button, add dmarc=bestguesspass
  7. Add a condition The sender's domain is... with the value hcs-company.com
  8. Add an Action Modify the Message Properties followed by Set the message header to this value.... The Message header is X-ETR. The header value is: Bypass spam filtering for authenticated sender 'hcs-company.com'
  9. Add another Action Modify the Message Properties followed by Set the Spam Confidence Level (SCL) to Bypass Spam filtering
  10. Leave the rest of the options at default values and click [Save] to save the Mail Flow Rule
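
The same rule can be created from Exchange Online PowerShell instead of the web interface. The script below is an added example, not part of the original instructions; it assumes the ExchangeOnlineManagement module is installed and that you sign in with an Exchange administrator account.

```powershell
# Added example: scripted equivalent of steps 1-10 above.
Connect-ExchangeOnline   # interactive sign-in

$ruleName = 'HCS-MS invoice reception'   # example name from step 5

# Conditions are combined with AND: a message must BOTH carry a passing
# DMARC result AND come from hcs-company.com. A message that only claims
# to be from hcs-company.com but fails DMARC does not match the rule.
$ruleSettings = @{
    # Step 6: header condition (the listed words are alternatives)
    HeaderContainsMessageHeader = 'Authentication-Results'
    HeaderContainsWords         = 'dmarc=pass', 'dmarc=bestguesspass'
    # Step 7: sender domain condition
    SenderDomainIs              = 'hcs-company.com'
    # Step 8: stamp a header so the bypass is visible in the message headers
    SetHeaderName               = 'X-ETR'
    SetHeaderValue              = "Bypass spam filtering for authenticated sender 'hcs-company.com'"
    # Step 9: SCL -1 corresponds to "Bypass spam filtering"
    SetSCL                      = -1
}

# Update the rule if it already exists, otherwise create it.
$existing = Get-TransportRule | Where-Object Name -eq $ruleName
if ($existing) {
    Set-TransportRule -Identity $ruleName @ruleSettings
} else {
    New-TransportRule -Name $ruleName @ruleSettings
}

# Review the stored rule before relying on it.
Get-TransportRule -Identity $ruleName |
    Format-List Name, State, HeaderContainsMessageHeader, HeaderContainsWords,
                SenderDomainIs, SetHeaderName, SetHeaderValue, SetSCL
```

After the rule is active, a delivered invoice should show the X-ETR header from step 8 in its message headers, which confirms the rule matched.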