Anti-spam and anti-malware protection in EOP

In Microsoft 365 organizations with mailboxes in Exchange Online or standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, email messages are automatically protected against spam and malware by EOP.

Spam is unsolicited and unwanted email. Malware is viruses and spyware. Viruses infect other programs and data, and they spread throughout your computer looking for programs to infect. Spyware is a specific type of malware that gathers your personal information (for example, sign-in information and personal data) and sends it back to the malware author.

EOP has built-in inbound and outbound malware filtering to help protect your organization from malicious software, and built-in spam filtering to help protect your organization from both receiving and sending spam (for example, in case of compromised accounts). Admins don't need to set up or maintain the filtering technologies because they're enabled by default. However, you can customize the settings based on the needs of your organization.

Note

If you use SharePoint Online, anti-malware protection is also automatically provided for files that are uploaded and saved to document libraries. This protection is provided by the Microsoft anti-malware engine that's also integrated into Exchange. This anti-malware service runs on all SharePoint Online Content Front Ends (CFEs).

Anti-malware protection in EOP

The following table contains links to topics that explain how anti-malware protection works in EOP, and how you can fine-tune your anti-malware configuration settings to best meet the needs of your organization.

Topic Description
Anti-malware protection in EOP Provides overview information about how the service offers multi-layered malware protection that's designed to catch all known malware traveling to or from your organization.
Anti-malware protection FAQ Provides a detailed list of frequently asked questions and answers about anti-malware protection in the service.
Configure anti-malware policies in EOP Describes how to configure the default company-wide anti-malware policy, as well as create custom anti-malware policies that you can apply to specified users, groups, or domains in your organization.
Recover from a ransomware attack
Virus detection in SharePoint Online

Anti-spam protection in EOP

The following table contains links to topics that explain how anti-spam protection works in EOP, and how you can fine-tune your anti-spam configuration settings to best meet the needs of your organization.

Topic Description
Anti-spam protection in EOP Provides overview information about the main anti-spam protection features included in the service.
Anti-spam protection FAQ Provides frequently asked questions and answers about anti-spam protection.
Configure anti-spam policies in EOP Provides information about how you can configure anti-spam policies (also known as spam filter policies or content filter policies). You can configure the default company-wide anti-spam policy or create custom anti-spam policies that apply to specific users, groups, or domains in your organization.
Configure connection filtering Shows how you can add source IP address to the IP Allow List and the IP Block List in the default connection filter policy.
Create safe sender lists in EOP Learn the recommended methods to keep good messages from being identified as spam.
Create blocked sender lists in EOP Learn the recommended methods to block bad messages that aren't being correctly identified as spam.
Spam confidence level (SCL) in EOP Learn about the spam determination of spam filtering.
Bulk complaint level (BCL) in EOP Learn about the threshold that determines whether bulk email is spam.
What's the difference between junk email and bulk email? Explains the difference between junk email and bulk email messages the controls that are available for both in EOP.
Configure junk email settings on Exchange Online mailboxes Learn about the junk email rule in all mailboxes that's responsible for moving messages into the Junk Email folder.
Use mail flow rules to set the spam confidence level (SCL) in messages Learn how to use mail flow rules (also known as transport rules) to set the SCL in messages before spam filtering.
Advanced Spam Filter (ASF) settings in EOP Learn about the ASF settings that are available in anti-spam policies.

Outbound spam protection in Exchange Online

The following table contains links to topics that explain how outbound spam protection works for Exchange Online mailboxes.

Topic Description
Outbound spam protection in EOP
Configure outbound spam filtering in EOP Shows how to configure outbound spam policies, which contain settings that help make sure your users don't send spam through the service.
High-risk delivery pool for outbound messages
Remove blocked users from the Restricted Users portal in Office 365

Common protection technologies

The following table contains links to topics that explain settings that are common to anti-malware and anti-spam protection.

Topic Description
Anti-spam message headers Describes the anti-spam fields placed in Internet headers, which can help provide administrators with information about the message and about how it was processed.
Order and precedence of email protection
Zero-hour auto purge (ZAP) - protection against spam and malware
Safety tips in email messages
Report messages and files to Microsoft
Use the delist portal to remove yourself from the Microsoft 365 blocked senders list