You enable the Sender Policy Framework (SPF) record spam filtering options in Microsoft Forefront Online Protection for Exchange (FOPE). However, you still receive spoofed email messages.
This issue occurs if the sender of the spoofed email message is a member of the Safe Senders list that was uploaded through the FOPE Directory Sync Tool (DST).
To resolve this issue, follow these steps:
- Obtain a copy of the spoofed email message that made it through the spam filter. To do this, perform a raw log trace.
- Run a message trace for the email message. For more information about how to run a message trace, visit the following Microsoft website:
- If the value of the DI field in the disposition is SF, the sender of the email message is flagged as a Safe Sender. Remove this sender from the Safe Senders list.
Article ID: 2634659 - Last Review: June 14, 2013 - Revision: 7.0
- Microsoft Forefront Online Protection for Exchange
|vkbportal225 vkbportal237 vkbportal231 o365 KB2634659|