We've been flooded with unsolicited calendar invites lately. It seems someone has caught onto our email naming scheme and is sending out a ton of calendar requests that pop up directly in our users' calendars. We're using Microsoft 365 with Proofpoint Essentials, and I've been trying to find a filter-based solution but keep hitting roadblocks. I'd love to hear how other organizations are handling this situation. Are there any effective strategies or tools I might be missing, or is everyone just putting up with it?
7 Answers
I faced this problem before at a past job. One key issue is that Exchange Online auto-adds calendar invites by default. To fix it, you can change the calendar processing settings so that invites don't get added automatically. You can do this via PowerShell using `Set-CalendarProcessing`, or you can implement it organization-wide through Outlook on the web settings. Also, on the Proofpoint side, consider creating a content filter that targets common spam invite patterns like certain subject lines or domains. Changing the calendar settings made a big difference for us!
At my organization, we use Gmail and have the option to block external invites from showing up automatically in calendars until they are accepted. This feature was super helpful because it allowed us to catch unwanted invites in our email filters. I'm wondering if Microsoft has similar settings that could help you.
Thanks for the suggestion! I’ll see if Microsoft offers that functionality.
You could just accept every invite but not actually join or respond. Redirect all invitations from the spam domain to a general account that auto-accepts them. It's kind of fun, and sometimes they stop coming after a while when they realize you’re not actually engaging. Treat it like a little game!
I tell everyone to just accept the invites and not go. If someone sends me a random invite, I’m okay wasting a little of their time in return. After a few missed meetings, they usually get the message.
I prefer not to acknowledge it at all. I just leave it and never respond.
I accept and delete without saying anything. If they follow up, I just say, "Were you trying to schedule again?" It’s a repetitive but effective method.
Honestly, you could report them to your local spam authority, even if it likely won’t help much. Additionally, contacting your Proofpoint rep could help you configure your setup properly to minimize these issues.
You could try blocking the domain that these invites are coming from directly.
That might not work well if they're using common domains like gmail.com or if they're sending from a bunch of randomly generated addresses. Blocking for this type of spam can be tricky.
Exactly! The invites are coming from random Gmail accounts. We definitely need to still receive legitimate emails from Gmail.
It’s wild how these deceptive tactics are used to gain attention. If they’re dishonest to get you interested in their product, what makes you think they’ll be honest after you buy it?
This sounds promising! I appreciate the tip.