Applies to: Exchange Online Protection, Exchange Online
Topic Last Modified: 2014-09-17
We’ve built anti-spam protection into your Exchange Online or Exchange Online Protection (EOP) service, so your email is protected from the moment you receive your first message. But you may want to change a protection setting to deal with a specific issue in your organization—say you’re receiving a lot of spam from a particular sender, for example – or to simply fine tune your settings so that they’re tailored to best meet the needs of your organization. To do this, you can change the following types of anti-spam policy settings in the Exchange admin center:
Connection filtering is based on the reputation of the sender. You can create an Allow list (or safe sender list) to make sure you receive every message sent to you from a specific IP address or IP address range. You can also create a list of IP addresses from which to block messages. For more information, see Configure the connection filter policy.
Content filtering checks for message characteristics consistent with spam. You can change what actions to take on messages identified as spam, and choose whether to filter messages written in specific languages, or sent from specific countries or regions. You can also turn on advanced spam filtering options if you want to pursue an aggressive approach to spam filtering. Additionally, you can configure end-user spam notifications to inform users when messages intended for them were sent to the quarantine instead. (Sending messages to the quarantine is one of the configurable actions.) From these notifications, end users can release false positives and report them to Microsoft for analysis. For more information, see Configure your content filter policies.
Important: For EOP standalone customers: By default, the EOP content filters send spam-detected messages to each recipients’ Junk Email folder. However, in order to ensure that the Move message to Junk Email folder action will work with on-premises mailboxes, you must configure two Exchange Transport rules on your on-premises servers to detect spam headers added by EOP. For details, see Ensure that spam is routed to each user's Junk Email folder.
Outbound filtering checks to make sure your users don’t send spam. For instance, a user’s computer may get infected with malware that causes it to send spam messages, so we build protection against that into the product. You can’t turn off outbound filtering, but you can configure the settings described in Configure the outbound spam policy.
If you want to go beyond the built-in spam filtering and create custom rules that are based on your business policies, the Transport rules feature is what you’re looking for. For example, you can use Transport rules to set the spam confidence level (SCL) value for messages that match specific conditions, as described in Create a transport rule to identify mail as spam or not spam by setting the spam confidence level (SCL).
If you’re looking for information about how end users can manage their own spam settings, check out Overview of the Junk Email Filter (for Microsoft Outlook users) or Learn about Junk email and phishing (for OWA users). If you’re using EOP to protect on-premises mailboxes, be sure to use directory synchronization to ensure that these settings are synced to the service. For more information about setting up directory synchronization, see “Use directory synchronization to manage mail users” in Manage mail users in EOP.