Office 365 mailboxes have powerful anti-spam features built-in. Office 365 spam filtering is part of Exchange Online Protection (EOP). While some of these options are enabled by default, you can use Exchange Admin Center to fine-tune spam filtering to meet your company’s needs.
Configure Spam Filtering in Exchange Online
First, open the Exchange Admin Center (EAC) and navigate to Protection and then Spam filter.
The General page will show the default spam filtering policy. Either edit an existing policy, including the default policy, or click on the New + icon to create a custom policy.
The Spam and Bulk email actions category contain the settings for automated filtering applied by the EOP engine. You can choose the action to take for different categories of spam based on the “spam confidence level” (SCL). High-confidence spam are mail messages that are certainly spam. Spam are messages which are likely to be unwanted.
Move message to Junk Email folder is the default option. This will deliver the message to the recipient’s junk email folder in their mail client, and will allow users to check their own spam filter for false positives. This is a good choice for medium-confidence spam messages.
Other actions may be more appropriate for high-confidence spam. Delete message will immediately delete the whole email including all attachments, with no option for recovery. Quarantine message will not deliver the message to the user’s Junk Email folder, but instead moves it to a separate mail area that can be accessed if needed, but by default is deleted after 15 days.
Finally, there are some actions that can give you more options for dealing with or monitoring spam in your organization. These may be better if your users access their email through clients other than Outlook. Add X-header will add a header to the mail message which is invisible to the end user but can be read by other mail services or programs to further act on them. Prepend subject line with text adds configurable text to the subject line to alert your users to suspected spam. And Redirect messages to email address delivers the message to another inbox instead of the intended recipient.
More Office 365 Spam Filtering Options
Bulk email refers to messages which may or may not be unwanted automated messages. Use the checkbox Mark bulk email as spam to control if these messages are treated as spam or if they are delivered to the intended recipients. This could include things like marketing emails, newsletters, and other things that your users may or may not want to receive.
The Block Lists and Allow Lists pages enable you to expressly allow or block specific email addresses, domains, or IP addresses. Click the Add + button and enter addresses, domains, or IPs either one per line or in a semi-colon separated list. It is a good idea to add your organization’s IP addresses to the Allow list. But, don’t add your domain name to the allowed list — it could allow fraudulent emails with spoofed sender addresses through.
The international spam page allows you to block messages written in specific languages or from specific countries. Messages matching the rules you specify will have the same action applied as for High confidence spam.
Custom policies can be applied selectively in the advanced options page using the Apply to menu. To only apply the rule for specific users, select The recipient is and enter the users’ email addresses. The rule can be applied to groups using The recipient is a member of and to domains using The recipient domain is. Use “add exception” to allow specific rules.
Configuring your spam policies can protect your organization from many types of attacks and reduce user frustration. But, it can take some tweaking to make sure that most spam is blocked and legitimate messages are allowed. Next week’s Tech Thursday article will cover how to fine-tune your spam filtering to make your users happy.