Configure the outbound spam policy
Applies to: Exchange Online Protection, Exchange Online
Outbound spam filtering is always enabled if you use the service for sending outbound email, thereby protecting organizations using the service and their intended recipients. Similar to inbound filtering, outbound spam filtering is comprised of connection filtering and content filtering, however the outbound filter settings are not configurable. If an outbound message is determined to be spam, it is routed through the higher risk delivery pool, which reduces the probability of the normal outbound-IP pool being added to a block list. If a customer continues to send outbound spam through the service, they will be blocked from sending messages. Although outbound spam filtering cannot be disabled or changed, you can configure several company-wide outbound spam settings via the default outbound spam policy.
The following video shows how to configure the outbound spam policy:
Estimated time to complete: 5 minutes
You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the “Anti-spam” entry in the Feature permissions in Exchange Online topic.
For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.
The following procedure can also be performed via remote PowerShell. Use the Get-HostedOutboundSpamFilterPolicy cmdlet to review your settings, and the Set-HostedOutboundSpamFilterPolicy to edit your outbound spam policy settings. To learn how to use Windows PowerShell to connect to Exchange Online Protection, see Connect to Exchange Online Protection using remote PowerShell. To learn how to use Windows PowerShell to connect to Exchange Online, see Connect to Exchange Online using remote PowerShell.
Use the following procedure to edit the default outbound spam policy:To configure the default outbound spam policy
In the Exchange admin center (EAC), navigate to Protection > Outbound spam, and then double-click the default policy.
Select the Outbound spam preferences menu option.
Select the following check boxes pertaining to outbound messages, and then specify an associated email address or addresses in the accompanying input box (these can be distribution lists if they resolve as valid SMTP destinations):
Send a copy of all suspicious outbound email messages to the following email address or addresses. These are messages that are marked as spam by the filter (regardless of the SCL rating). They are not rejected by the filter but are routed through the higher risk delivery pool. Separate multiple addresses with a semicolon. Note that the recipients specified will receive the messages as a Blind carbon copy (Bcc) address (the From and To fields are the original sender and recipient).
Send a notification to the following email address when a sender is blocked sending outbound spam. Separate multiple addresses with a semicolon.
When a significant amount of spam is originating from a particular user, the user is disabled from sending email messages. The administrator for the domain, who is specified using this setting, will be informed that outbound messages are blocked for this user. To see what this notification looks like, see Sample notification when a sender is blocked sending outbound spam. For information about getting re-enabled, see Request that a user, domain, or IP address be removed from a block list after sending outbound spam.
Click save. A summary of your default policy settings appears in the right pane.