Which two actions should you perform?

You are the Office 365 administrator for Contoso, Ltd.
Some email messages sent from the trusted domain fabrikam.com are being rejected as spam. Some
of these email messages originate inside the fabnkam.com network, and some of them originate
from an application in the fabrikam.com co-located data center.
The fabrikam.com systems administrators have asked you to add their domain and the IP addresses
of the data center that hosts their external application to your list of safe senders.
You need to configure Microsoft Exchange Online Protection.
Which two actions should you perform? Each correct answer presents part of the solution.

You are the Office 365 administrator for Contoso, Ltd.
Some email messages sent from the trusted domain fabrikam.com are being rejected as spam. Some
of these email messages originate inside the fabnkam.com network, and some of them originate
from an application in the fabrikam.com co-located data center.
The fabrikam.com systems administrators have asked you to add their domain and the IP addresses
of the data center that hosts their external application to your list of safe senders.
You need to configure Microsoft Exchange Online Protection.
Which two actions should you perform? Each correct answer presents part of the solution.

A.
Configure a content filter to allow the fabrikam.com domain.

B.
Configure a mail flow rule to bypass spam filtering for the data center IP address range.

C.
Create a connection filter to allow the data center IP address range.

D.
Add the fabrikam.com domain as an accepted domain.

E.
Create an inbound connector for the fabrikam.com domain.

F.
Configure a mail flow rule to bypass spam filtering for the fabrikam.com domain.

Explanation:
http://blogs.msdn.com/b/tzink/archive/2013/07/02/how-to-use-safe-senders-in-eop-and-fope.aspx
http://www.msexchange.org/kbase/ExchangeServerTips/MicrosoftOffice365/ExchangeOnline/safeandblocked-senders-list-owa-2013-and-office-365.html
http://technet.microsoft.com/en-GB/library/dn198251(v=exchg.150).aspx
Connection Filters
http://technet.microsoft.com/en-us/library/jj200718(v=exchg.150).aspx



Leave a Reply 17

Your email address will not be published. Required fields are marked *


Anna

Anna

They ask to add their domain and data center IP to safe list.
D and E is out
A – content (spam) filter can allow specific domain
B – mail flow can bypass spam filter based on IP
C – connection filter has IP Allow/Block list
F – mail flow can bypass based on domain

why C and not B? why F and not A?

In transport rule – Bypass spam filtering is note:

Bypass spam filtering
You don’t need to create a transport rule to bypass spam filtering or mark email as spam for a sender or domain. Click here to use an allow or block list in the spam filter.

So, correct answer is A nad C?

Amr Eid

Amr Eid

You can add the IP addresses (or IP address ranges) for all your domains that you consider safe to the IP Allow list. However, if you don’t want your IP Allow List entry to apply to all your domains, you can create a Transport rule that excepts specific domains.
To do this, you need to follow these steps:
1.In the EAC, navigate to Mail flow > Rules.
2.Click Add Icon and then select Create a new rule.
3.Give the rule a name and then click More options.
4.Under Apply this rule if, select The sender and then choose IP address is in any of these ranges or exact matches.
5.In the specific IP addresses box, specify the IP address or IP address range you entered in the IP Allow list, click Add Add Icon, and then click ok.
6.Under Do the following, set the action by choosing Modify the message properties and then set the spam confidence level (SCL). In the specify SCL box, select 0, and click ok.
7.Click add exception, and under Except if, select The sender and choose domain is.
8.In the specify domain box, enter the domain for which you want to bypass spam filtering, such as contosob.com. Click Add Add Icon to move it to the list of phrases. Repeat this step if you want to add additional domains as exceptions, and click ok when you are finished.
9.If you’d like, you can make selections to audit the rule, test the rule, activate the rule during a specific time period, and other selections. We recommend testing the rule for a period before you enforce it. Manage mail flow rules contains more information about these selections.
10.Click the save button to save the rule. It appears in your list of rules.
After you create and enforce the rule, spam filtering for the IP address or IP address range you specified is bypassed only for the domain exception you entered.

Amr Eid

Amr Eid

So the correct answers are B & F

Marty McFly

Marty McFly

Key here is ” being rejected as spam” and as Anna says “They ask to add their domain and data center IP to safe list.”

In Office 365>Exchange admin Centre you can look under “protection” this is an interface for EOP.

In the protection area you have an option for “spam filter” menu you will see a list of your spam polices, there is only one by default. You can click the grey pencil and edit this policy and here you can configure the “Domain allow list:”. I think this is A.

In the same area (under protection) you can see a connection filter menu, here you can edit again and there are two options, general and connection filtering, the second one allows you to specify allowed IP address. This is option C and therefore correct.

D sounds correct however you can add “accepted domains” in the Mailflow are of EAC and these are for the domains which you are authorative (to which you will receive email) so it is not right.

E is incorrect. In the mail flow area the connectors option is not for whitelisting domains for spam https://technet.microsoft.com/en-US/library/ms.exch.eac.ConnectorIsConnectorNeeded(EXCHG.150).aspx?v=15.1.485.14&l=1&s=BPOS_S_E15_0

B is incorrect mail flow rules are for compliance and such, not for spam management

JosefTheGreat

JosefTheGreat

But the Domain is already allowed. The scenario says that “some messages are rejected”. So the domain is already allowed. The thing is that some emails are wrong filtered in this scenario. So A and F should be right!

Vietnam

Vietnam

I´d go with C and F too….

C is obvious – use IP filtering to allow sending messages from unauthorized IP. Since it is known then it can be added. The same you do for your own domain if emails are being sent from some third party like salesforce etc. In Online you´d modify SPF record, on EOP you modify this.

F because it is said that “application” is used to send emails. Since that is not a user, and most likely is using some smtp relay, they might bump to spam filter. If you use F then no messages from fabrikam will be bounced / sent to spam.

NoOne

NoOne

The ECP shows this note if you create a Mail flow rule to bypass spam filtering for a domain:

Bypass spam filtering
You don’t need to create a transport rule to bypass spam filtering or mark email as spam for a sender or domain. Click here to use an allow or block list in the spam filter.

It points at the spam filter in the EOP however that option is not given in the answers. So i would go for C and F too

Shabnam

Shabnam

Having further search and test in operational environment:

Obviously C,D&E are out (C:we can not create connection filter we only can edit it)
A,B and F can be correct , having seen Mail flow rules we may create new rule to by pass spam filter for IP or Domain but when you create new rule for Domain name in “create new rule page” you will find Microsoft recommendation as below:

You don’t need to create a transport rule to bypass spam filtering or mark email as spam for a sender or domain. Click here to use an allow or block list in the spam filter.
so to by pass domain name A is correct
to by pass IP address B is correct

mgmjtech

mgmjtech

C and F are correct. Tested!

CJ

CJ

I’d go for A and C too.

John L

John L

I would achieve this by
1. editing the Spam Filter (add domain name to Allow list) and
2. editing the default Connection Filter (add IP range to IP Allow list).

So lets look at the possible answers given.
A: Wrong. There isn’t such a thing as ‘Content Filter. You allow domains in the Spam Filter.
B: Would work, although in the pop up it suggests using the spam filter (which is a bit misleading as IP address ranges can’t be added there only domain names)
C: I add the IP address ranges here in connection filter, but only by editing the default connection filter, there does not appear to be a way of creating a connection filter as the answer states – so for that reason alone C is wrong.
D: Def wrong – accepted domains are domains that are part of your company / Exchange domain.
E: Not relevant
F: Would work but again recommends using Spam Filter.
Based on the reasoning above and focussing on the exact wording of the answers I’d reluctantly go for:
B & F

kc

kc

so is it C, F or B, F

fafacoco

AllTheStudying

AllTheStudying

I agree. Why go down to the transport / mail flow level when you don’t have to?

Dustin

Dustin

I found the same site fafacoco linked. Yet there it says, right at the beginning: “You can use a safe sender list or a mail flow rule to bypass spam filtering and prevent good email messages from getting marked as junk mail.”

‘safe sender list’ equals answer C.
‘mail flow rule’ equals answer F!

chris1812

chris1812

Because content filters doesn’t exist anymore

For me, it’s C F