Export (0) Print
Expand All
2 out of 4 rated this helpful - Rate this topic

Exchange Online Protection Service Description

Office 365
 

Applies to: Office 365

Topic Last Modified: 2014-04-14

Microsoft Exchange Online Protection (EOP) is a cloud-based email filtering service that helps protect your organization against spam and malware, and includes features to safeguard your organization from messaging-policy violations. EOP can simplify the management of your messaging environment and alleviate many of the burdens that come with maintaining on-premises hardware and software.

The following are the primary ways you can use EOP for messaging protection:

  • In a standalone scenario   EOP provides cloud-based email protection for your on-premises Exchange Server 2013 environment, legacy Exchange Server versions, or for any other on-premises SMTP email solution.

  • As a part of Microsoft Exchange Online   By default, EOP protects Exchange Online cloud-hosted mailboxes. To learn more about Exchange Online, see the Exchange Online Service Description.

  • In a hybrid deployment   EOP can be configured to protect your messaging environment and control mail routing when you have a mix of on-premises and cloud mailboxes.

To compare features across plans, see Office 365 service comparison.

To buy Exchange Online Protection, see Exchange Online Protection.

ImportantImportant:
EOP replaces Forefront Online Protection for Exchange (FOPE). All FOPE customers will be transitioned to EOP. EOP delivers the protection and control provided by FOPE, and also includes additional features. For more information about transitioning from FOPE to EOP, go to the Forefront Online Protection for Exchange (FOPE) Transition Center.

For information about new features in EOP, see What's New in Exchange Online Protection. For a feature comparison between FOPE and EOP, see FOPE vs. EOP Feature Comparison.

EOP is available through the following subscription plans:

 

Plan Description

EOP standalone

Where EOP protects your on-premises mailboxes.

EOP features in Exchange Online

Where EOP protects your Exchange Online cloud-hosted mailboxes.

Exchange Enterprise CAL with Services

Where EOP protects your on-premises mailboxes, like EOP standalone, and includes data loss prevention (DLP) and reporting using web services.

Microsoft Exchange Enterprise CAL with Services provides the email protection features of EOP for your on-premises messaging environment, along with the following features:

For more information regarding Exchange Enterprise CAL with Services licensing, see Exchange Server 2013 licensing.

If you have Exchange Enterprise CAL with Services licenses and you want to provision the service, follow the instructions in Set Up Your EOP Service. The setup steps are the same as the steps for setting up EOP standalone.

NoteNote:
New features for Exchange Enterprise CAL with Services are deployed at the same time as Exchange Online, not EOP standalone. Be advised that the deployment schedules for EOP standalone and Exchange Online/Exchange Enterprise CAL with Services may be slightly different.

EOP can be used with any SMTP mail transfer agent, such as Microsoft Exchange Server 2013. For information about the operating systems, web browsers, and languages that are supported by EOP, see the “Supported browsers” and “Supported languages” sections in Exchange Admin Center in Exchange Online Protection.

The following limits currently exist for EOP:

  • The maximum message size for EOP standalone customers, including attachments, is 150 MB. This applies to inbound and outbound messages. The maximum message size for Exchange Enterprise CAL with Services and Exchange Online customers is 25 MB.

    NoteNote:
    For more information about limits in Exchange Online, see Exchange Online Limits. The transport rule limits are also applicable for EOP standalone customers. The recipient rate and message rate limits for Exchange Online are not applicable for EOP standalone customers.
  • The limit for the number of outbound messages sent through EOP is high enough to ensure that normal email communication is not treated as spam. If you want to send commercial bulk email messages, rather than sending outbound messages through EOP, we recommend that you either use a third-party email service provider (ESP) or send them through your on-premises email servers.

  • The maximum number of recipients that EOP customers can send a message to is 500.

  • When configuring an IP Allow list or an IP Block list in the connection filter, you can specify a maximum of 1273 IP addresses (keeping in mind that a single entry can be anywhere from 1 to 256 addresses using CIDR notation).

  • Messages in deferral will remain in our queues for 2 days. Message retry attempts are based on the error type received from the recipient’s mail system. On average, messages are retried every 5 minutes.

  • By default, spam messages sent to the quarantine are retained for 15 days. This value can be lowered via content filter policies.

  • If enabled, end-user spam quarantine notifications can be configured to be sent every 1 to 15 days. They are sent every 3 days by default.

  • For reporting and message trace limits, see the “Reporting and message trace data availability and latency” section in Reporting and Message Trace in Exchange Online Protection.

  • You can add up to 900 domains per tenant. Subdomains can be included in this 900 limit, or if necessary, as part of a catch-all option, match subdomains. For more information, see View or Edit Managed Domains in EOP.

Each feature is listed below. For more detailed information about EOP features, click the links in the table. When Exchange Online is mentioned, it typically refers to the Office 365 Enterprise service family.

 

Feature EOP standalone EOP features in Exchange Online Exchange Enterprise CAL with Services

Mail recipients

Yes

Yes1

Yes

Admin role group permissions

Yes2

Yes

Yes

Domain management

Yes3

Yes3

Yes3

Match subdomains

Yes

Yes

No

Directory Based Edge Blocking (DBEB)

Yes

No

No

Transport rules

Yes4

Yes4

Yes

Audit logging

Yes5

Yes

Yes

Data Loss Prevention (DLP)

No

Yes

Yes6

Office 365 Message Encryption

Yes12

Yes

Yes12

Anti-malware protection (built-in)

Yes

Yes

Yes

Customize anti-spam policies

Yes7

Yes

Yes

Anti-malware protection (built-in)

Yes

Yes

Yes

Customize anti-malware policies

Yes

Yes

Yes

Quarantine: administrator management

Yes

Yes

Yes

Quarantine: end-user self-management

Yes

Yes

Yes

Junk Email Reporting Add-in for Microsoft Office Outlook

Yes

Yes

Yes

Junk Email Reporting in Outlook Web App

Yes8

No8

No8

Outbound mail routing

Yes

Yes

Yes

Secure messaging with a trusted partner

Yes

Yes

Yes

Safe listing a partner’s IP address

Yes

Yes

Yes

Conditional mail routing

Yes

Yes

Yes

Hybrid mail routing

Yes

Yes

Yes

Office 365 admin center reports

Yes 9

Yes

Yes 9

Excel download application reports

Yes

Yes

Yes10

Reporting using web services

No

Yes

Yes

Message trace

Yes

Yes

Yes

Access to the Office 365 admin center

Yes

Yes

Yes

Access to the Exchange admin center (EAC)

Yes

Yes

Yes

Remote Windows PowerShell access

Yes11

Yes

Yes

NoteNote:
1   Mail users are defined as “Mailboxes,” and, along with external mail contacts, can be added, removed, and otherwise managed directly in the Exchange admin center (EAC).
2   No RBAC customization. Admin roles only.
3   Managed domains can be viewed and domain types can be edited in the EAC. All other domain management must be done in the Office 365 admin center.
4   The available predicates and actions differ between EOP and Exchange Online. For a list of available predicates and actions in EOP, see Transport Rule Predicates and Transport Rule Actions. For a list of available predicates and actions in Exchange Online, see Transport Rule Predicates and Transport Rule Actions.
5   EOP auditing reports are a subset of Exchange Online auditing reports that exclude information about mailboxes.
6   DLP policy tips are not available for Exchange Enterprise CAL with Services customers.
7   The default content filter action is to move spam messages to the recipients’ Junk Email folder. For this to work with on-premises mailboxes, you must also configure two Exchange Transport rules on your on-premises servers to detect spam headers added by EOP. For more information, see Ensure that Spam is Routed to Each User's Junk Email Folder.
8   This feature is available to Exchange Server 2013 Service Pack 1 (SP1) customers whose mailboxes are being filtered by EOP, and will soon be available to Exchange Online customers.
9   EOP reports are a subset of Exchange Online reports that exclude information about mailboxes.
10   Exchange Enterprise CAL with Services customers should install the workbook by selecting the Exchange Online service rather than the Exchange Online Protection service.
11   Full EOP functionality is available except for the ability to manage users and groups, which is targeted to be added to the service in the second quarter of 2014.
12    Supported for on-premises customers who purchase Azure AD Rights Management and use Exchange Online Protection to route email through Exchange Online.

If you have comments or questions about this topic, we'd love to hear from you. Just send your feedback to Office 365 Service Description Feedback. Your comments will help us provide the most accurate and concise content.

 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.