Why do SCL scores vary for the same email sent to different O365 accounts?

Key findings

• Tenant-specific settings: O365 administrators can configure their tenant's anti-spam and anti-phishing policies, which can influence how emails are scored and filtered for their users, potentially leading to varied SCLs for the same email across different organizations.
• User behavior: Individual user actions, such as reporting emails as spam or moving them to the junk folder, can contribute to the SCL scoring for a particular tenant or even specific recipients over time. This feedback loop can make SCL scores company-specific.
• BCL and PCL scores: Bulk Complaint Level (BCL) and Phishing Confidence Level (PCL) scores are crucial in Microsoft's filtering process. High BCL or PCL scores can trigger an SCL of 9, leading to the email being marked as spam. These scores can fluctuate based on sender reputation and recipient feedback.
• Smart filters: Microsoft's email filters are dynamic and adaptive, meaning they learn from ongoing email traffic patterns, user feedback, and security incidents. This continuous learning can result in real-time adjustments to SCL scores that differ between tenants or even individual mailboxes.

Key considerations

• Troubleshooting methodology: When facing inconsistent SCL scores, it's vital to consider the recipient's specific O365 environment, rather than assuming a universal filtering rule. This involves investigating tenant-level settings and the specific history of interactions with that recipient domain.
• Reputation components: Understand that a sender's reputation is not monolithic. While overall sender reputation is important, factors like a high Bulk Complaint Level (BCL) for a specific O365 instance can significantly impact SCL, even if general analytics show no bulking issues.
• Administrative control: O365 environments allow for custom spam filtering rules and policies at the organizational level. These settings can override or supplement Microsoft's default cloud-sourced filtering, leading to variations in SCL scores.
• Impact of user complaints: Awareness of how user spam complaints directly influence a tenant's SCL perception for a sender is critical. Even a few complaints within a specific O365 instance can disproportionately raise the SCL for future emails from the same sender to that organization. Read more about the difference between junk and bulk email for more context.
• Microsoft deliverability: Understanding the nuances of Microsoft's filtering is key to diagnosing and resolving such deliverability issues.

Key opinions

• Tenant-level influence: Many marketers believe that Office 365 provides administrators with tenant-specific controls that can override or fine-tune spam filtering, leading to varied SCL outcomes for emails from the same sender. These organizational settings are distinct from general cloud-sourced filtering.
• User feedback impact: It's speculated that cumulative user complaints within a particular O365 instance could subtly or significantly increase SCL scores for future emails to that tenant, even if the sender's overall bulk complaint level (BCL) remains low.
• Unpredictability: The inconsistency in SCL scores for identical emails creates an unpredictable environment, making it difficult for marketers to reliably test and optimize their email campaigns for O365 recipients. This is why thorough testing is essential.

Key considerations

• Beyond analytics: Even when bulk sending analytics show no issues, such as low complaint rates or no apparent bulking problems, marketers must look deeper into recipient-specific factors or tenant configurations when SCL scores diverge.
• Recipient-side investigation: When facing SCL discrepancies, it is often necessary to engage with the recipient's IT or managed service provider to understand their specific O365 filtering setup, including any custom rules or heightened security settings.
• Content and reputation consistency: Maintaining a consistent and clean sending reputation, adhering to best practices, and ensuring email content aligns with recipient expectations are always crucial, even if SCL scores sometimes appear arbitrary.

Key opinions

• Company-specific SCL: SCL ratings can be highly company-specific, influenced by how sensitive employees within a given O365 instance are to mail and their history of marking emails as spam. This user feedback directly contributes to the filtering logic for that particular tenant.
• BCL and PCL integration: Experts highlight that BCL (Bulk Complaint Level) and PCL (Phishing Confidence Level) scores are heavily utilized in Microsoft's threshold scoring, which can automatically set an SCL of 9. This means even if an email is not intrinsically spammy, a high BCL for a specific recipient can lead to a high SCL. Understanding this is key to managing sender reputation effectively.
• Adaptive filters: Microsoft's smart filters are designed to adapt over time based on user interactions and evolving threat landscapes. This adaptive nature means that SCL scores are not static and can change based on the ongoing behavior and preferences within each O365 tenant.

Key considerations

• Tenant-specific filtering policies: Senders should be aware that O365 allows for various tenant-level settings that control filtering. These might include additional phishing protection or custom mail flow rules that affect SCL, even if the user isn't directly interacting with the settings.
• User complaint influence: It's crucial to understand that SCL scores are not solely determined by Microsoft's global algorithms. User complaints within a specific O365 domain can contribute to a higher SCL for a sender, making localized deliverability a key concern. This highlights the importance of understanding why emails go to spam.
• Monitoring and adaptation: For senders, proactively monitoring deliverability to various O365 accounts and adapting sending practices based on specific recipient feedback (rather than solely relying on generalized analytics) is essential to mitigate SCL variations.

Key findings

• SCL definition: SCL is an integer score (typically -1 to 9) assigned by Exchange Online Protection (EOP) to indicate the likelihood of an email being spam. A score of -1 generally means safe, while 5 or 9 indicates increasing confidence it's spam.
• Influence of BCL/PCL: Microsoft documentation explicitly states that BCL (Bulk Complaint Level) and PCL (Phishing Confidence Level) scores can trigger specific SCL values, such as an SCL of 9 for high confidence spam. These scores are based on the sender's reputation and historical complaint rates.
• Customizable actions: O365 administrators can configure anti-spam policies to take different actions based on the SCL score. For example, an SCL of 5 might be moved to junk, while an SCL of 9 is quarantined. These policies are set per tenant.
• Safe senders/domains: Adding a sender or domain to a Safe Senders list in Outlook or EOP can result in an SCL of -1, bypassing many filtering checks. This is a common reason for inconsistent SCLs, as some recipients might have a sender safelisted while others do not.

Key considerations

• Filtering thresholds: Admins can define specific SCL thresholds for various actions (e.g., quarantine, junk, delete). These custom thresholds explain why an SCL of 5 might go to junk for one tenant but be delivered to the inbox for another, if their thresholds differ.
• Mail flow rules: Exchange Online allows for highly specific mail flow rules (transport rules) that can inspect email properties and override spam filtering, potentially setting a particular SCL or taking action regardless of the SCL determined by EOP. This flexibility can lead to SCL discrepancies.
• Tenant-specific policies: The documentation underscores that the ultimate treatment of an email in O365 is subject to the specific anti-spam policies active for that tenant. This means that while Microsoft provides baseline protection, each organization tailors its own security posture, impacting SCL outcomes. This variability explains why Outlook.com deliverability can be inconsistent.
• Sender reputation weighting: While an SCL is assigned to each message, Microsoft's system also heavily weighs the sender's reputation, including IP reputation and domain reputation. This reputation is built over time and can be influenced by specific recipients' interactions, even if the message content itself appears benign.