Anti-spam and anti-malware protection in Office 365

If you're an Office 365 customer with mailboxes in Exchange Online or a standalone Exchange Online Protection (EOP) customer without Exchange Online mailboxes, your email messages are automatically protected against spam and malware.

Spam is unsolicited (and typically unwanted) email. Malware is viruses and spyware. Viruses infect other programs and data, and they spread throughout your computer looking for programs to infect. Spyware is a specific type of malware that gathers your personal information (for example, sign-in information and personal data) and sends it back to the malware author.

Office 365 has built-in inbound and outbound malware filtering to help protect your organization from malicious software, and built-in spam filtering to help protect your organization from both receiving and sending spam (for example, in case of compromised accounts). Admins don't need to set up or maintain the filtering technologies because they're enabled by default. However, you can customize the filter settings based on the needs of your organization.

Note

If you use SharePoint Online as part of Office 365, anti-malware protection is also automatically provided for files that are uploaded and saved to document libraries. This protection is provided by the Microsoft anti-malware engine that's also integrated into Exchange. This anti-malware service runs on all SharePoint Online Content Front Ends (CFEs).

Manage your anti-spam settings in Exchange Online

The following table contains links to topics that explain how anti-spam protection works in Exchange Online and how you can fine-tune your anti-spam configuration settings to best meet the needs of your organization.

Topic Description
Office 365 email anti-spam protection Provides overview information about the main anti-spam protection features included in the service.
Invalid characters in hosted spam filter rules and policies Provides help for administrators who have invalid characters in spam filter rules and policies and then run into issues when attempting to use these rules and policies with the Security & Compliance Center.
Anti-spam protection FAQ Provides frequently asked questions and answers about anti-spam protection.
Safe sender and blocked sender lists in Exchange Online Explains what safe sender and blocked sender lists are and provides information about the different ways you can populate these lists in the service.
Configure the connection filter policy Shows how you can create safe sender and blocked sender lists by specifying IP addresses in the connection filter policy.
Configure your spam filter policies Provides information about how you can configure spam filter policies (also known as content filter policies. You can configure the default company-wide spam filer policy or create custom spam filter policies that you can apply to specific users, groups, or domains in your organization.
Configure the outbound spam policy Shows how to configure the outbound spam policy, which contains settings that help make sure that your users don't send spam outbound through the service.
What's the difference between junk email and bulk email? Explains the difference between junk email and bulk email messages and provides information about the different options that are available for both in the service.
Spam confidence levels When an email message goes through spam filtering it's assigned a spam score. This topic describes what these spam scores mean.
Submit spam, non-spam, and phishing scam messages to Microsoft for analysis Describes several ways in which administrators and end users can send spam and non-spam messages to Microsoft for analysis.
Anti-spam message headers Describes the anti-spam fields placed in Internet headers, which can help provide administrators with information about the message and about how it was processed.
Quarantine By default, spam message are delivered to the recipients' Junk Email folder, but you can configure spam filter policies (also known as content filter policies) to send spam to the quarantine. Admins can view and manage all messages in the quarantine, and end-users can view and manage their own spam messages.

Manage your anti-malware settings in Exchange Online

The following table contains links to topics that explain how anti-malware protection works in Exchange Online, and how you can fine-tune your anti-malware configuration settings to best meet the needs of your organization.

Topic Description
Anti-malware protection Provides overview information about how the service offers multi-layered malware protection that's designed to catch all known malware traveling to or from your organization.
Anti-malware protection FAQ Provides a detailed list of frequently asked questions and answers about anti-malware protection in the service.
Configure anti-malware policies Describes the malware filter policy settings. For example, you can select the action to take when malware is detected in a message, and specify to send notification messages when a message is detected as malware and the entire message is deleted. Similar to the content filter policy, you can configure the default company-wide malware filter policy, as well as create custom malware filter policies that you can apply to specified users, groups, or domains in your organization.