Anti-spam and anti-malware protection in EOP
The improved Microsoft 365 Defender portal is now available. This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 Defender portal. Learn what's new.
- Exchange Online Protection
- Microsoft Defender for Office 365 plan 1 and plan 2
- Microsoft 365 Defender
In Microsoft 365 organizations with mailboxes in Exchange Online or standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, email messages are automatically protected against spam and malware by EOP.
Spam is unsolicited and unwanted email. Malware is viruses and spyware. Viruses infect other programs and data, and they spread throughout your computer looking for programs to infect. Spyware is a specific type of malware that gathers your personal information (for example, sign-in information and personal data) and sends it back to the malware author.
EOP has built-in inbound and outbound malware filtering to help protect your organization from malicious software, and built-in spam filtering to help protect your organization from both receiving and sending spam (for example, in case of compromised accounts). Admins don't need to set up or maintain the filtering technologies because they're enabled by default. However, you can customize the settings based on the needs of your organization.
If you use SharePoint Online, anti-malware protection is also automatically provided for files that are uploaded and saved to document libraries. This protection is provided by the Microsoft anti-malware engine that's also integrated into Exchange. This anti-malware service runs on all SharePoint Online Content Front Ends (CFEs).
Anti-malware protection in EOP
The following table contains links to topics that explain how anti-malware protection works in EOP, and how you can fine-tune your anti-malware configuration settings to best meet the needs of your organization.
|Anti-malware protection in EOP||Provides overview information about how the service offers multi-layered malware protection that's designed to catch all known malware traveling to or from your organization.|
|Anti-malware protection FAQ||Provides a detailed list of frequently asked questions and answers about anti-malware protection in the service.|
|Configure anti-malware policies in EOP||Describes how to configure the default company-wide anti-malware policy, as well as create custom anti-malware policies that you can apply to specified users, groups, or domains in your organization.|
|Recover from a ransomware attack|
|Virus detection in SharePoint Online|
Anti-spam protection in EOP
The following table contains links to topics that explain how anti-spam protection works in EOP, and how you can fine-tune your anti-spam configuration settings to best meet the needs of your organization.
|Anti-spam protection in EOP||Provides overview information about the main anti-spam protection features included in the service.|
|Anti-spam protection FAQ||Provides frequently asked questions and answers about anti-spam protection.|
|Configure anti-spam policies in EOP||Provides information about how you can configure anti-spam policies (also known as spam filter policies or content filter policies). You can configure the default company-wide anti-spam policy or create custom anti-spam policies that apply to specific users, groups, or domains in your organization.|
|Configure connection filtering||Shows how you can add source IP address to the IP Allow List and the IP Block List in the default connection filter policy.|
|Create safe sender lists in EOP||Learn the recommended methods to keep good messages from being identified as spam.|
|Create blocked sender lists in EOP||Learn the recommended methods to block bad messages that aren't being correctly identified as spam.|
|Spam confidence level (SCL) in EOP||Learn about the spam determination of spam filtering.|
|Bulk complaint level (BCL) in EOP||Learn about the threshold that determines whether bulk email is spam.|
|What's the difference between junk email and bulk email?||Explains the difference between junk email and bulk email messages the controls that are available for both in EOP.|
|Configure junk email settings on Exchange Online mailboxes||Learn about the organization settings and mailbox-specific settings that determine whether mail is moved into the Junk Email folder.|
|Use mail flow rules to set the spam confidence level (SCL) in messages||Learn how to use mail flow rules (also known as transport rules) to set the SCL in messages before spam filtering.|
|Advanced Spam Filter (ASF) settings in EOP||Learn about the ASF settings that are available in anti-spam policies.|
Outbound spam protection in Exchange Online
The following table contains links to topics that explain how outbound spam protection works for Exchange Online mailboxes.
|Outbound spam protection in EOP|
|Configure outbound spam filtering in EOP||Shows how to configure outbound spam policies, which contain settings that help make sure your users don't send spam through the service.|
|High-risk delivery pool for outbound messages|
|Remove blocked users from the Restricted Users portal in Office 365|
Common protection technologies
The following table contains links to topics that explain settings that are common to anti-malware and anti-spam protection.
|Anti-spam message headers||Describes the anti-spam fields placed in Internet headers, which can help provide administrators with information about the message and about how it was processed.|
|Order and precedence of email protection|
|Zero-hour auto purge (ZAP) - protection against spam and malware|
|Report messages and files to Microsoft|
|Use the delist portal to remove yourself from the Microsoft 365 blocked senders list|