收件人、域和公司管理Recipient, domain, and company management

Microsoft Exchange Online Protection (EOP)提供了几种管理您的收件人、域和公司信息的方法。Microsoft Exchange Online Protection (EOP) offers several means of managing your recipient, domain, and company information. 作为管理员,您可以在 Exchange 管理中心(EAC)内执行某些管理任务,并验证在 Microsoft 365 管理中心中执行的其他管理任务。As an administrator, you can perform certain management tasks within the Exchange admin center (EAC), and verify other management tasks performed in the Microsoft 365 admin center.

要查找有关 EOP 所有功能的信息吗?Looking for information about all EOP features? 请参阅Exchange Online Protection 服务说明See the Exchange Online Protection service description.

Mail recipientsMail recipients

邮件收件人被归为邮件用户或组,可直接在 EAC 中或使用远程 Windows PowerShell 通过目录同步进行管理。Mail recipients are categorized as mail users or groups and can be managed through directory synchronization, directly in the EAC, or via remote Windows PowerShell. 如果要在本地管理收件人,必须运行目录同步,这样邮件收件人才能反映在 EAC 中。If you're managing your recipients on-premises, you must run directory synchronization in order for your mail recipients to be reflected in the EAC. 仅在 Microsoft 365 管理中心内管理的用户无法在 EAC 中查看,但可以在 EAC 的管理员角色组中的成员身份添加或删除它们。Users managed solely in the Microsoft 365 admin center aren't viewable in the EAC, but they can be added to or removed from membership in an administrator role group in the EAC. 若要详细了解 EOP 中的收件人,请参阅 EOP 中的收件人For more information about recipients in EOP, see Recipients in EOP.

Admin role group permissionsAdmin role group permissions

在 EOP 中,只能配置管理角色。在 EAC 中,可以将用户直接添加到默认管理员角色组中,也可以直接从中删除。无可用 RBAC 自定义项。有关详细信息,请参阅管理 EOP 中的管理员角色组权限In EOP, you can configure administrative roles only. Users can be added and removed from default admin role groups directly in the EAC. No RBAC customization is available. For more information, see Manage Admin Role Group Permissions in EOP.

域管理Domain management

托管域是指受 EOP 保护的域。Managed domains are domains that are protected by EOP. 可以在 EAC 中查看托管域并编辑域类型。Managed domains can be viewed and domain types can be edited in the EAC. 域设置和管理在 Microsoft 365 管理中心发生,并且更改在 EAC 中反映出来。Domain provisioning and management occurs in the Microsoft 365 admin center and changes are reflected in the EAC. 有关详细信息,请参阅查看或编辑 EOP 中的托管域For more information, see View or Edit Managed Domains in EOP.

Match subdomainsMatch subdomains

在 EOP 中,可以启用流向托管域的子域的邮件流。有关详细信息,请参阅在 EOP 中为子域启用电子邮件流In EOP, you can enable mail flow to subdomains of a managed domain. For more information, see Enable Email Flow for Subdomains in EOP.

基于目录的边缘阻止 (DBEB)Directory Based Edge Blocking (DBEB)

通过基于目录的边缘阻止功能,您可以在服务网络外围拒绝发送至无效收件人的邮件。The Directory Based Edge Blocking feature lets you reject messages for invalid recipients at the service network perimeter. DBEB 允许管理员将已启用邮件的收件人添加到 Microsoft,并阻止发送到 Microsoft 中不存在的电子邮件地址的所有邮件。DBEB lets admins add mail-enabled recipients to Microsoft and block all messages sent to email addresses that aren't present in Microsoft. 如果将邮件发送到 Microsoft 中存在的有效电子邮件地址,则邮件将继续执行服务筛选层(反恶意软件、反垃圾邮件、传输规则)中的其余部分。If a message is sent to a valid email address present in Microsoft, the message continues through the rest of the service filtering layers (anti-malware, anti-spam, transport rules). 如果地址不存在,服务甚至会在进行筛选之前阻止邮件,并向发件人发送未送达报告 (NDR) 以通知其邮件未送达。If the address is not present, the service blocks the message before filtering even occurs, and a non-delivery report (NDR) is sent to the sender informing them that their message was not delivered.

必须执行一些用户和域配置,才能启用 DBEB。有关详细信息,请参阅使用基于目录的边缘阻止拒绝发送给无效收件人的邮件Enabling DBEB requires some user and domain configuration. For more information, see Use Directory Based Edge Blocking to Reject Messages Sent to Invalid Recipients.

功能可用性Feature availability

若要查看跨计划、独立选项和本地解决方案的功能可用性,请参阅Exchange Online Protection 服务说明To view feature availability across plans, standalone options, and on-premises solutions, see Exchange Online Protection service description.