Anti-spam and anti-malware protection in Office 365
If you're an Office 365 customer whose mailboxes are hosted in Microsoft Exchange Online, your email messages are automatically protected against spam and malware.
Spam is unsolicited (and typically unwanted) email messages. Malware is comprised of viruses and spyware. Viruses infect other programs and data, and they spread throughout your computer looking for programs to infect. Spyware refers to malware that gathers your personal information, such as sign-in information and personal data, and sends it back to the malware author.
Office 365 has built-in malware and spam filtering capabilities that help protect inbound and outbound messages from malicious software and help protect you from spam. Admins don't need to set up or maintain the filtering technologies, which are enabled by default. However, they can make company-specific filtering customizations in the Exchange admin center (EAC).
We recommend viewing the following series of introductory videos about how to get started with protecting your email messaging environment: Videos for getting started with protecting your email.
If you use SharePoint Online as part of Office 365, anti-malware protection is also automatically provided for files that are uploaded and saved to document libraries. This protection is provided by the Microsoft anti-malware engine that's also integrated into Exchange. This anti-malware service runs on all SharePoint Online Content Front Ends (CFEs).
Manage your anti-spam settings in Exchange Online
The following table contains links to topics that explain how anti-spam protection works in Exchange Online and how you can fine-tune your anti-spam configuration settings to best meet the needs of your organization.
We're still rolling out threat management, including anti-spam and anti-malware for the Security & Compliance Center, so you might not see all of these there just yet. During the rollout, some features, for example Anti-malware, DKIM, and others, will continue to be available through the Exchange Admin Center (EAC) for a limited time.
In some cases, there are minor differences between the EAC and the Security & Compliance Center implementations. For example, supported characters for spam filters are different between the two platforms. Articles are provided that give more information about specific differences when they occur.
||Provides overview information about the main anti-spam protection features included in the service.
|Invalid characters in hosted spam filter rules and policies
||Provides help for administrators who have invalid characters in spam filter rules and policies and then run into issues when attempting to use these rules and policies with the Security & Compliance Center.
|Anti-Spam Protection FAQ
||Provides frequently asked questions and answers about anti-spam protection.
|Safe sender and blocked sender lists FAQ
||Explains what safe sender and blocked sender lists are and provides information about the different ways you can populate these lists in the service.
|Configure the connection filter policy
||Shows how you can create safe sender and blocked sender lists by specifying IP addresses in the connection filter policy.
|Configure content filter policies
||Provides information about how you can configure the default company-wide content filter policy, as well as create custom content filter policies that you can apply to specified users, groups, or domains in your organization.
|Configure the outbound spam policy
||Shows how to configure the outbound spam policy, which contains settings that help make sure that your users don't send spam outbound through the service.
|What's the difference between junk email and bulk email?
||Explains the difference between junk email and bulk email messages and provides information about the different options that are available for both in the service.
|Spam Confidence Levels
||When an email message goes through spam filtering it's assigned a spam score. This topic describes what these spam scores mean.
|Submitting spam and non-spam messages to Microsoft for analysis
||Describes several ways in which administrators and end users can send spam and non-spam messages to Microsoft for analysis.
|Anti-spam message headers
||Describes the anti-spam fields placed in Internet headers, which can help provide administrators with information about the message and about how it was processed.
Manage spam sent to the hosted quarantine in Exchange Online
When you configure your content filter policies, one of the actions you can set is to send content-filtered messages to the hosted quarantine (by default, they're sent to the recipient's Junk Email folder). The following table contains links to topics that describe how to manage spam-quarantined messages.
||Provides overview information about the quarantine feature, including information about how you can set up users to access the end user spam quarantine.
||Provides frequently asked questions and answers about the hosted quarantine.
|Find and release quarantined messages as an administrator
||Describes how you can use the EAC to find and release any quarantined message, and optionally report it as a false positive (not junk) message to Microsoft. Content-filtered spam messages and messages that match a transport rule can be sent to the administrator quarantine.
|Find and release quarantined messages as an end user
||Describes how end users can find and release their own spam-quarantined messages in the spam quarantine user interface, and report them as not junk to Microsoft.
|Use end-user spam notifications to release and report spam-quarantined messages
||Describes how end users can release their own spam-quarantined messages and optionally report them as not junk via end-user spam notification messages.
Manage your anti-malware settings in Exchange Online
The following table contains links to topics that explain how anti-malware protection works in Exchange Online, and how you can fine-tune your anti-malware configuration settings to best meet the needs of your organization.
||Provides overview information about how the service offers multi-layered malware protection that's designed to catch all known malware traveling to or from your organization.
|Anti-Malware Protection FAQ
||Provides a detailed list of frequently asked questions and answers about anti-malware protection in the service.
|Configure Anti-Malware Policies
||Describes the malware filter policy settings. For example, you can select the action to take when malware is detected in a message, and specify to send notification messages when a message is detected as malware and the entire message is deleted. Similar to the content filter policy, you can configure the default company-wide malware filter policy, as well as create custom malware filter policies that you can apply to specified users, groups, or domains in your organization.
We'd love to hear your thoughts. Choose the type you'd like to provide:
Our feedback system is built on GitHub Issues. Read more on our blog.