'Tis the season for more spam.
With the holidays approaching, Microsoft is currently rolling out an update for its Exchange Online Protection (EOP) service that is meant to help users deal with the onslaught of email promotions and cut down on the inbox clutter. EOP is a cloud-based enterprise email security product that filters spam and malware. Microsoft claims that EOP helps block 10 million spam messages per minute for the company's customers.
The new EOP update provides organizations with new tools to filter bulk emails. "With this new capability, we are introducing a simple, intuitive control in the Exchange Admin Center to allow you to easily block more of these 'bulk' emails," wrote Microsoft Exchange Online Protection program manager Chris Nguyen and technical product manager Shobhit Sahay in a Nov. 24 blog post.
Microsoft classifies bulk email as "email that falls somewhere in the middle of spectrum between junk email and good email—some users want it, others do not," said Nguyen and Sahay. "Examples of bulk email include newsletters, social updates and promotions," content that may not be entirely unwelcome, but can nonetheless compete with legitimate work emails for attention.
Since the difference between bulk email and outright spam is not cut-and-dried, Microsoft is relying on a measurement called Bulk Complaint Level. "Earlier this year, we significantly increased EOP's bulk detection and assigned Bulk Complaint Level (BCL) ratings to email from bulk senders to indicate the likelihood it would generate a complaint," explained the bloggers.
According to a related online support document, bulk mailers are rated one to nine based on the likelihood that they attract complaints. Good examples "send wanted messages with relevant content to their subscribers," generating barely a peep from recipients, according to the company.
However, others resort to some unsavory tactics. "Other bulk mailers send unsolicited messages that closely resemble spam and generate many complaints from recipients. To distinguish these types of bulk mailers, messages from bulk mailers are assigned a Bulk Complaint Level (BCL) rating," stated Microsoft.
The X-Microsoft-Antispam header of a message contains this rating, enabling EOP's bulk email filtering and resulting in cleaner user inboxes. New Exchange Admin Center controls, which replace the Bulk Mail Advanced Spam filtering option, allow organizations to tweak EOP's settings based on this rating. "For example, selecting 5 treats email with a BCL of 5 or higher to be treated as spam," wrote Nguyen and Sahay.
Spammers are getting craftier in their efforts to thwart common email filtering techniques.
In June, Cisco reported an increase in "snowshoe spam," or the practice of sending bulk emails over several IP addresses versus just one. Since a relatively low volume of spam is sent over each address, it slips past IP-based detection methods. Cisco's research revealed that snowshoe spam accounted for 15 percent of all spam in April 2014, up from 7 percent in November 2013.