Anti-spam and anti-malware protection in Office 365
If you’re an Office 365 customer whose mailboxes are hosted in Microsoft Exchange Online, your email messages are automatically protected against spam and malware.
Spam is unsolicited (and typically unwanted) email messages. Malware is comprised of viruses and spyware. Viruses infect other programs and data, and they spread throughout your computer looking for programs to infect. Spyware refers to malware that gathers your personal information, such as sign-in information and personal data, and sends it back to the malware author.
Office 365 has built-in malware and spam filtering capabilities that help protect inbound and outbound messages from malicious software and help protect you from spam. Admins don’t need to set up or maintain the filtering technologies, which are enabled by default. However, they can make company-specific filtering customizations in the Exchange admin center (EAC).
Tip: We recommend viewing the following series of introductory videos about how to get started with protecting your email messaging environment: Videos for getting started with protecting your email.
Note: If you use SharePoint Online as part of Office 365, anti-malware protection is also automatically provided for files that are uploaded and saved to document libraries. This protection is provided by the Microsoft anti-malware engine that’s also integrated into Exchange. This anti-malware service runs on all SharePoint Online Content Front Ends (CFEs).
Manage your anti-spam settings in Exchange Online
The following table contains links to topics that explain how anti-spam protection works in Exchange Online and how you can fine-tune your anti-spam configuration settings to best meet the needs of your organization.
|
Topic |
Description |
|
Provides overview information about the main anti-spam protection features included in the service. |
|
|
Provides frequently asked questions and answers about anti-spam protection. |
|
|
Explains what safe sender and blocked sender lists are and provides information about the different ways you can populate these lists in the service. |
|
|
Shows how you can create safe sender and blocked sender lists by specifying IP addresses in the connection filter policy. |
|
|
Provides information about how you can configure the default company-wide content filter policy, as well as create custom content filter policies that you can apply to specified users, groups, or domains in your organization. |
|
|
Shows how to configure the outbound spam policy, which contains settings that help make sure that your users don’t send spam outbound through the service. |
|
|
Explains the difference between junk email and bulk email messages and provides information about the different options that are available for both in the service. |
|
|
When an email message goes through spam filtering it’s assigned a spam score. This topic describes what these spam scores mean. |
|
|
Submitting spam and non-spam messages to Microsoft for analysis |
Describes several ways in which administrators and end users can send spam and non-spam messages to Microsoft for analysis. |
|
Describes the anti-spam fields placed in Internet headers, which can help provide administrators with information about the message and about how it was processed. |
Manage spam sent to the hosted quarantine in Exchange Online
When you configure your content filter policies, one of the actions you can set is to send content-filtered messages to the hosted quarantine (by default, they’re sent to the recipient’s Junk Email folder). The following table contains links to topics that describe how to manage spam-quarantined messages.
|
Topic |
Description |
|
Provides overview information about the quarantine feature, including information about how you can set up users to access the end user spam quarantine. |
|
|
Provides frequently asked questions and answers about the hosted quarantine. |
|
|
Describes how you can use the EAC to find and release any quarantined message, and optionally report it as a false positive (not junk) message to Microsoft. Content-filtered spam messages and messages that match a transport rule can be sent to the administrator quarantine. |
|
|
Describes how end users can find and release their own spam-quarantined messages in the spam quarantine user interface, and report them as not junk to Microsoft. |
|
|
Use end-user spam notifications to release and report spam-quarantined messages |
Describes how end users can release their own spam-quarantined messages and optionally report them as not junk via end-user spam notification messages. |
Manage your anti-malware settings in Exchange Online
The following table contains links to topics that explain how anti-malware protection works in Exchange Online, and how you can fine-tune your anti-malware configuration settings to best meet the needs of your organization.
|
Topic |
Description |
|
Provides overview information about how the service offers multi-layered malware protection that’s designed to catch all known malware traveling to or from your organization. |
|
|
Provides a detailed list of frequently asked questions and answers about anti-malware protection in the service. |
|
|
Describes the malware filter policy settings. For example, you can select the action to take when malware is detected in a message, and specify to send notification messages when a message is detected as malware and the entire message is deleted. Similar to the content filter policy, you can configure the default company-wide malware filter policy, as well as create custom malware filter policies that you can apply to specified users, groups, or domains in your organization. |