Office 365 Email Anti-Spam Protection
Applies to: Exchange Online, Exchange Online Protection
Topic Last Modified: 2014-12-15
Are you concerned about too much spam in Office 365? We’ve built multiple types of spam filters into your Exchange Online or Exchange Online Protection (EOP) service, so your email is protected from the moment you receive your first message. In order to help prevent spam in Exchange Online, you may want to change a protection setting to deal with a specific issue in your organization—say you’re receiving a lot of spam from a particular sender, for example – or to simply fine tune your settings so that they’re tailored to best meet the needs of your organization. To do this, you can change the following types of anti-spam policy settings in the Exchange admin center:
Connection filtering is one of the types of spam filters that is based on the reputation of the sender. You can create an Allow list (or safe sender list) to make sure you receive every message sent to you from a specific IP address or IP address range. You can also create a list of IP addresses from which to block messages. For more information, see Configure the connection filter policy. If you're concerned about spam in Office 365, use connection filtering to help prevent spam in Exchange Online.
Content filtering is one of the types of spam filters that checks for message characteristics consistent with spam. You can change what actions to take on messages identified as spam, and choose whether to filter messages written in specific languages, or sent from specific countries or regions. You can also turn on advanced spam filtering options if you want to pursue an aggressive approach to spam filtering. Additionally, you can configure end-user spam notifications to inform users when messages intended for them were sent to the quarantine instead. (Sending messages to the quarantine is one of the configurable actions.) From these notifications, end users can release false positives and report them to Microsoft for analysis. For more information, see Configure your content filter policies. In order to help prevent spam in Exchange Online and Office 365, use content filtering, if you're concerned about too much spam in Office 365, use connection filtering to help prevent spam in Exchange Online.
Important: For EOP standalone customers: By default, the EOP content filters send spam-detected messages to each recipients’ Junk Email folder. However, in order to ensure that the Move message to Junk Email folder action will work with on-premises mailboxes, you must configure two Exchange Transport rules on your on-premises servers to detect spam headers added by EOP. For details, see Ensure that spam is routed to each user's Junk Email folder.
The following video provides and overview of configuring content filtering in EOP.
For more details, see the Configure your content filter policies topic.
Outbound filtering is one of the types of spam filters that checks to make sure your users don’t send spam. For instance, a user’s computer may get infected with malware that causes it to send spam messages, so we build protection against that into the product. You can’t turn off outbound filtering, but you can configure the settings described in Configure the outbound spam policy. If you're concerned about too much spam in Office 365, use outbound filtering to help prevent spam in Exchange Online.
If you want to go beyond the built-in spam filtering and create custom rules that are based on your business policies, the Transport rules feature is another type of spam filter that will help you prevent spam in Office 365 and Exchange Online. For example, you can use Transport rules to set the spam confidence level (SCL) value for messages that match specific conditions, as described in Create a transport rule to identify mail as spam or not spam by setting the spam confidence level (SCL).
If you’re looking for information about how end users can manage their own spam settings, check out Overview of the Junk Email Filter (for Microsoft Outlook users) or Learn about Junk email and phishing (for OWA users). If you’re using EOP to protect on-premises mailboxes, be sure to use directory synchronization to ensure that these settings are synced to the service. For more information about setting up directory synchronization, see “Use directory synchronization to manage mail users” in Manage mail users in EOP.