Obtain information about features and requirements for Exchange Online Protection. Included is a list of plans that provide Exchange Online Protection, as well as a comparison of features across those plans.
Microsoft Exchange Online Protection (EOP) is a cloud-based email filtering service that helps protect your organization against spam and malware and includes features to safeguard your organization from messaging-policy violations. EOP can simplify the management of your messaging environment and alleviate many of the burdens that come with maintaining on-premises hardware and software.
The following list describes the primary ways you can use EOP for messaging protection:
In a standalone scenario: EOP provides cloud-based email protection for your on-premises email environment (Exchange Server or other on-premises SMTP email solutions).
As a part of Microsoft Exchange Online: By default, EOP protects Exchange Online cloud-hosted mailboxes. To learn more about Exchange Online, see the Exchange Online service description.
In a hybrid deployment: EOP can be configured to protect your messaging environment and control mail routing when you have a mix of on-premises and cloud mailboxes.
For more information about Exchange Enterprise CAL with Services licensing, see Exchange licensing FAQs.
If you have Exchange Enterprise CAL with Services licenses and you want to provision EOP, follow the instructions in Set up your EOP service. The setup steps are the same as the steps for setting up EOP standalone.
Note
New features for Exchange Enterprise CAL with Services are deployed at the same time as Exchange Online, not EOP standalone. Be advised that the deployment schedules for EOP standalone and Exchange Online/Exchange Enterprise CAL with Services may be slightly different.
Requirements for Exchange Online Protection (EOP)
EOP can be used with any SMTP mail transfer agent, such as Microsoft Exchange Server. For information about the operating systems, web browsers, and languages that are supported by EOP, see the "Supported browsers" and "Supported languages" sections in Exchange admin center in Exchange Online Protection.
The following table lists the major Exchange Online Protection features available across plans. Certain caveats apply. See the footnotes for further information. This table may change without notice. For the most up-to-date, complete list of features, see Powerful tools to support your enterprise.
Feature
Standalone EOP
EOP in EE CAL w/ Services
EOP features in Exchange Online
Protection
Anti-malware policies (built-in and custom)
Yes
Yes
Yes
Inbound anti-spam policies (built-in and custom)
Yes
Yes
Yes
Outbound anti-spam policies (built-in and custom)
Yes
Yes
Yes
Connection filtering (IP Allow list and IP Block list)
Yes
Yes
Yes
Anti-phishing policies (built-in and custom)
Yes
Yes
Yes
Anti-spoofing protection (built-in and custom)
Yes
Yes
Yes
Zero-hour auto purge (ZAP) for delivered malware, spam, and phishing messages10
No
No
Yes
Preset security policies
Yes
Yes
Yes
Configuration analyzer for protection policies
Yes
Yes
Yes
Tenant Allow/Block List
Yes
Yes
Yes
Block lists for message senders
Yes
Yes
Yes
Allow lists for message senders
Yes
Yes
Yes
Edge blocking
Yes
Yes
Yes
Directory Based Edge Blocking (DBEB) for nonexistent recipients
Yes
Yes
Yes
Quarantine and submissions
Admin submission10
No
No
Yes
User submission (custom mailbox)10
No
No
Yes
Admin quarantine
Yes
Yes
Yes
End-user quarantine
Yes
Yes
Yes
Report Message add-in and Report Phishing add-in for Outlook
Yes
Yes
Yes
Mail flow
Mail flow rules (transport rules)4
Yes
Yes6
Yes
Accepted domains3
Yes
Yes
Yes
Connectors
Yes
Yes
Yes
Enhanced Filtering for Connectors (skip listing)
Yes
Yes
Yes
Monitoring
Message trace
Yes
Yes
Yes
Email and security reports in the Microsoft 365 admin center
Yes7
Yes7,8
Yes8
Security reports in the Microsoft 365 security center
Yes7
Yes7,8
Yes8
Email reports in the EAC
Yes7
Yes7,8
Yes8
Admin audit logging5
Yes
Yes
Yes
Users
Mail users and mail contacts1
Yes
Yes
Yes
Mailboxes
No
No
Yes1a
Role based access control (RBAC)2
Yes
Yes
Yes
Compliance
Data Loss Prevention for email
No
Yes
Yes
Microsoft Purview Message Encryption
No9
No9
Yes
Administration
Microsoft 365 admin center
Yes
Yes
Yes
Exchange admin center
Yes
Yes
Yes
Microsoft 365 security center
Yes
Yes
Yes
Standalone Exchange Online Protection PowerShell
Yes
No
No
Exchange Online PowerShell
No
Yes
Yes
1 You create, remove, and edit mail users and mail contacts in the EAC. 1a You create and remove mailboxes in the Microsoft 365 admin center. You can edit existing mailboxes in the EAC. 2 In standalone EOP and EE CAL with Services, there are no end-user roles or role assignment policies. 3 You add and remove domains in the Microsoft 365 admin center. In the EAC, you configure domains as Authoritative or Non-Authoritative. 4 A few rule conditions, exceptions, and actions are not available in standalone EOP or the EOP in EE CAL with Services. These differences are clearly noted in Exchange Online mail flow rule content. 5 In standalone EOP and EE CAL with Services:
Mailbox auditing reports aren't available.
The Administrator role group report and Admin audit log report are the only admin auditing reports in the EAC.
Audit log export available only via PowerShell.
6 DLP policy tips are not available in EE CAL with Services. 7 Reports in standalone EOP and EE CAL with Services are a subset of Exchange Online reports (reports that deal with mailboxes). 8 Includes DLP reports. 9 You can purchase Azure Information Protection as an add-on subscription and use OME if you configure your on-premises email environment to route email to and from the internet through EOP. 10 This feature requires Exchange Online mailboxes.
Learn more
For technical information about Exchange Online Protection, check out the following resources:
The Microsoft 365 roadmap is a good resource for finding out information about upcoming new features.
Licensing terms
For licensing terms and conditions for products and services purchased through Microsoft Commercial Volume Licensing Programs, see the Product Terms site.
Messaging
To keep track of upcoming changes, including new and changed features, planned maintenance, or other important announcements, visit the Message Center. For more information, see Message center.
This module examines how Exchange Online Protection (EOP) protects organizations from phishing and spoofing. It also explores how EOP blocks spam, bulk email, and malware before they arrive in users’ mailboxes.
Learn about the exchange online protection feature details like recipient, domain, and company management, Messaging policy and compliance, Mail flow and Anti-spam and anti-malware protection.
Admins can learn about the standalone Exchange Online Protection (EOP) that used to protect on-premises email environments (including hybrid environments).
Microsoft Defender for Office 365 is a cloud-based email filtering service that helps protect your organization against unknown malware and viruses by providing robust zero-day protection, and includes features to safeguard your organization from harmful links in real time.
Admins can learn about anti-malware protection and anti-malware policies that protect against viruses, spyware, and ransomware in Exchange Online Protection (EOP).
Follow these best-practice recommendations for standalone Exchange Online Protection (EOP) in order to set yourself up for success and avoid common configuration errors.