

Email advertisements often include this tag to solicit information from the recipient. This tag is used to create website forms. Messages that contain HTML tags are marked as high confidence spam. X-CustomSpam: Javascript or VBscript tags in HTML These scripting languages are used in email messages to cause specific actions to automatically occur. Messages that use JavaScript or Visual Basic Script Edition in HTML are marked as high confidence spam. This tag allows the embedding of different kinds of documents in an HTML document (for example, sounds, videos, or pictures). Message that contain HTML tags are marked as high confidence spam. Messages with no subject, no content in the message body, and no attachments are marked as high confidence spam. The following Mark as spam ASF settings set the SCL of detected messages to 9, which corresponds to a High confidence spam filter verdict and the corresponding action in anti-spam policies. info links in the body of the message are marked as spam. Message that contain hyperlinks that redirect to TCP ports other than 80 (HTTP), 8080 (alternate HTTP), or 443 (HTTPS) are marked as spam. Messages that contain numeric-based URLs (typically, IP addresses) are marked as spam. X-CustomSpam: Image links to remote sites Messages that contain HTML tag links to remote sites (for example, using http) are marked as spam. The following Increase spam score ASF settings set the spam confidence level (SCL) of detected messages to 5 or 6, which corresponds to a Spam filter verdict and the corresponding action in anti-spam policies. You can't configure different test mode actions for different ASF settings. The same test mode action is applied to all ASF settings that are set to Test.SPF record: hard fail ( MarkAsSpamSpfRecordHardFail).NDR backscatter( MarkAsSpamNdrBackscatter).Conditional Sender ID filtering: hard fail ( MarkAsSpamFromAddressAuthFail).Test mode is not available for the following ASF settings:.In PowerShell, you separate multiple email addresses by commas. In the Microsoft 365 Defender portal, you separate multiple email addresses by semicolons ( ). Send Bcc message ( BccMessage): The specified email addresses (the TestModeBccToRecipients parameter value in PowerShell) are added to the Bcc field of the message, and the message is delivered to the additional Bcc recipients.You can use this value in Inbox rules or mail flow rules (also known as transport rules) to affect the delivery of the message. Add default X-header text ( AddXHeader): The X-header value X-CustomSpam: This message was filtered by the custom spam filter option is added to the message.The message is still subject to other types of filtering and rules in EOP. None: Message delivery is unaffected by the ASF detection.What happens to the message is determined by the Test mode ( TestModeAction) value: Test: ASF adds the corresponding X-header field to the message.

This is the default value, and we recommend that you don't change it. On: ASF adds the corresponding X-header field to the message, and either marks the message as Spam (SCL 5 or 6 for Increase spam score settings) or High confidence spam (SCL 9 for Mark as spam settings). Enable, disable, or test ASF settingsįor each ASF setting, the following options are available in anti-spam policies: For more information, see Configure anti-spam policies in EOP. The following sections describe the ASF settings and options that are available in anti-spam policies in the Microsoft 365 Defender portal, and in Exchange Online PowerShell or standalone EOP PowerShell ( New-HostedContentFilterPolicy and Set-HostedContentFilterPolicy).

