Export (0) Print
Expand All

Anti-Spam and Anti-Malware Protection

Office 365
 

Applies to: Office 365

Topic Last Modified: 2014-04-30

Microsoft Exchange Online Protection (EOP) provides built-in malware and spam filtering capabilities that help protect inbound and outbound messages from malicious software and help protect your network from spam transferred through email. Administrators do not need to set up or maintain the filtering technologies, which are enabled by default. However, administrators can make company-specific filtering customizations in the Exchange admin center (EAC).

Looking for information about all EOP features? See the Exchange Online Protection Service Description.

Using multiple anti-malware engines, EOP offers multilayered protection that’s designed to catch all known malware. Messages transported through the service are scanned for malware (viruses and spyware). If malware is detected, the message is deleted. Notifications may also be sent to senders or administrators when an infected message is deleted and not delivered. You can also choose to replace infected attachments with either default or custom messages that notify the recipients of the malware detection.

For Exchange Online Protection standalone customers, the service only scans inbound and outbound messages that are routed by the service, and does not scan messages sent from a sender in your organization to a recipient in your organization. However, for another layer of defense, you can pair the service with the built-in anti-malware protection capabilities of Exchange Server 2013, which scans internal messages for malware.

For Exchange Online and Exchange Enterprise CAL with Services customers, the service scans inbound and outbound messages that are routed by the service, as well as internal messages sent from a sender in your organization to a recipient in your organization.

For more information, see Anti-Malware Protection and Anti-Malware Protection FAQ.

You can customize anti-malware policies in the EAC. You can configure the default policy for company-wide settings. For greater granularity, you can also create custom content filter policies and apply them to specified users, groups, or domains in your organization. Custom policies always take precedence over the default policy, but you can change the priority (that is, the running order) of your custom policies. For more information, see Configure Anti-Malware Policies.

EOP uses proprietary anti-spam technology to help achieve high accuracy rates. The service provides strong connection filtering and content filtering on all inbound messages. Outbound spam filtering is also always enabled if you use the service for sending outbound email, thereby helping to protect organizations using the service and their intended recipients.

For more information, see Anti-Spam Protection and Anti-Spam Protection FAQ.

Spam filtering is automatically enabled for all inbound and outbound email messages processed by EOP. Spam filtering cannot be completely disabled, but certain company-wide settings can be modified by editing your default anti-spam policies. For greater granularity, you can also create custom content filter policies and apply them to specified users, groups, or domains in your organization. By default, custom policies take precedence over the default policy, but you can change the priority (running order) of your custom policies. For more information, see Configure the Anti-Spam Policies.

ImportantImportant:
For EOP standalone customers: By default, the EOP content filters send spam-detected messages to each recipients’ Junk Email folder. However, in order to ensure that the Move message to Junk Email folder action will work with on-premises mailboxes, you must configure two Exchange Transport rules on your on-premises servers to detect spam headers added by EOP. For details, see Ensure that Spam is Routed to Each User's Junk Email Folder.

Messages identified as spam and messages that match a transport rule can be sent to the administrator quarantine. Administrators can search for and view details about quarantined email messages in the EAC. After locating the email message, you can release it to specific users and optionally report it as a false positive (not junk) message to the Microsoft Spam Analysis Team if it was misidentified as spam.

There is also a spam quarantine for end users, which lets them manage their own spam-quarantined messages. End user management of spam-quarantined messages can also be performed via end-user spam notification messages (if they are enabled by an administrator).

For more information about the quarantine feature, see Quarantine.

The Junk Email Reporting Add-in for Microsoft Office Outlook lets EOP users easily report junk (spam) email to Microsoft for analysis to help reduce the number and impact of future junk email messages filtered by the service. For more information about installing and using this tool, see Junk Email Reporting Add-in for Microsoft Office Outlook.

The Junk Email Reporting feature in Outlook Web App lets users easily report junk (spam) email to Microsoft for analysis by using its built-in junk email reporting options. Depending on the results of the analysis, we can then adjust the anti-spam filter rules for our EOP service. For more information, see Junk Email Reporting in OWA.

 

Feature EOP standalone EOP features in Exchange Online Exchange Enterprise CAL with Services

Built-in anti-spam protection

Yes

Yes

Yes

Customize anti-spam policies

Yes1

Yes

Yes

Built-in anti-malware protection

Yes2

Yes

Yes

Customize anti-malware policies

Yes

Yes

Yes

Quarantine: administrator management

Yes

Yes

Yes

Quarantine: end-user self-management

Yes

Yes

Yes

Junk Email Reporting Add-in for Microsoft Office Outlook

Yes

Yes

Yes

Junk Email Reporting in Outlook Web App

Yes3

No3

No3

NoteNote:
1   The default content filter action is to move spam messages to the recipients’ Junk Email folder. For this to work with on-premises mailboxes, you must also configure two Exchange Transport rules on your on-premises servers to detect spam headers added by EOP. For more information, see Ensure that Spam is Routed to Each User's Junk Email Folder.
2   Scans inbound and outbound messages, but does not scan internal messages sent from a sender in your organization to a recipient in your organization.
3   This feature is available to Exchange Server 2013 Service Pack 1 (SP1) customers whose mailboxes are being filtered by EOP, and will soon be available to Exchange Online customers.

If you have comments or questions about this topic, we'd love to hear from you. Just send your feedback to Office 365 Service Description Feedback. Your comments will help us provide the most accurate and concise content.

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft