Techniques to Configure Office 365 Spam Filter

Anisha Rawat
Anisha Rawat | Published On - 19 Jul 2022 |

Read time: 10 minutes

Spam emails are all junk messages which are received by users in their mailbox with or without their permission. Some users receive them frequently in huge volumes since they have configure a Microsoft 365 account in Outlook and others. Sometimes, they also bring viruses, malware, and other threats along with them, which create havoc on the entire system and its applications. Overall, spam messages only create trouble for all. All users try to stay away from all such emails and protect all their data.

Spam protection in Office 365

If you are using Microsoft 365, it can provide advanced protection to your mailbox from all kinds of spam mails. It utilizes Exchange Online Protection (EOP) to do so. In addition, users can also enable message tracing in Exchange Online. Coming back to EOP, it is a cloud-based utility that filters email messages and further keeps all the spam, risks, threats, and malware at a far distance from your mailbox. The configuration of these filters is a lengthy and slightly complex process. This article provides all the detail of Office 365 spam filters, from their configuration to removal.

Techniques to identify spam on EOP

EOP functions on some proprietary spam filtering technologies, which are developed based on already known spams, threats, and user feedback. These techniques are as follows-

  • Connection filtering
    This filter quickly identifies good and bad incoming email messages by making use of the IP blocklist. It further allows or blocks messages from those sources.
  • Content filtering
    The Content filter classifies messages into these categories- High confidence spam, Bulk email, Phishing email, and High confidence phishing email. Depending on this classification, the email is deleted, rejected, or sent to the Quarantine mailbox.
  • Outbound spam filtering
    It is equally necessary that your users are not the ones sending spam, either unintentionally or intentionally. This technology keeps a close tab on that aspect.
  • Spoof intelligence
    Certain spam emails are carried out by pretending to be part of your organization. This is a classic case of spoofing. There are anti-spoofing practices that are conducted like email authentication, spoof intelligence, insight, block list, spoof detection reports, and anti-phishing policies.

Configuration of anti-spam policies

Before getting to the policies, you need to know about these two elements which each policy contains:

  • Spam filter policy: States the actions as well as notifications for spam filtering categories.
  • Spam filter rule: States the priority and the recipient of the spam filter policy.

The EOP in Office 365 safeguards users against all kinds of spam messages by creating these anti-spam policies-

  • Inbound anti-spam policy
  • Outbound anti-spam policy
  • Connection filteringanti spam policy

These policies are set in their Default mode but can be customized to make them stricter and more effective according to your organization’s preference and can also be made for a specific group, users, or domains.

Let us understand how to configure and modify them-

Configure inbound anti-spam policy

  1. Visit the Anti-spam policies page by clicking on his link–
    https://security.microsoft.com/antispam
  2. Click on + Create Policy. A dropdown menu will open and select Inbound. Now, this will require you to add information on various pages as you proceed ahead.select Inbound
  3. In the Name your policy section, you need to enter a suitable title and an optional description. Click on Next.Name your policy
  4. This is the Users, groups, and domains page where you need to add which ones to include or exclude. Select Next to continue.Users, groups, and domains
  5. The Bulk email threshold & spam properties will allow you to set up the amount of Bulk email threshold. In addition, you can scroll down to adjust other spam and test mode properties.Bulk email threshold & spam properties
  6. The Actions page is where you will decide what happens with all the junk messages. The default settings send spam and bulk to the junk email folder; also, it will send high confidence spam, phishing, and high confidence phishing go to the quarantine mailbox. The retention spam is for 15 days. All these default settings can be adjusted as per your requirements.actions
  7. In the Allow and Block list, you will be able to specify all the allowed and blocked senders and domains by just clicking on the given options. Click on Next to proceed.Allow and Block list
  8. The Review page is the summary of all the settings to which you have applied. You can choose to either Edit or Create them.Review
  9. After all the steps have been completed properly, a confirmation message will appear. Click on Done to conclude.Click on Done

Configure outbound anti-spam policy

  • Again, click on the given link to open the Anti-spam policies page.
    https://security.microsoft.com/antispam
  • Click on + Create Policy. But this time, select Outbound.
  • On the Name your policy page, enter the name and description of the policy. Click on Next once done.Click on Next
  • On the Users, groups, and domains page, you can add all those to which this policy will be applicable.Users, groups, and domains
  • The Protection settings page is where you can set up the limit of external, internal, and daily messages. Click on Next to proceed.Click on Next
  • The Review page will enable you to check all the applied policy details. You can either Edit or Create this new outbound policy.Create this new outbound policy
  • A message will appear to confirm the effect of the new policy immediately. Select Done.Select Done

Modify Connection filter policy

  1. Move to the Anti-spam policies page by clicking on the link. This time click on the Connection filter policy (Default).
    https://security.microsoft.com/antispam
  2. A new tab will appear. Click on Edit description to add a description for the policy.
  3. Mention the required description and select Save.
  4. Click on the Edit connection filter policy to customize the allowance and blockage of IP addresses.
  5. You can add a single IP or a range of IP addresses to the Allow or Block list. You can also choose to turn on the safe list. In the end, click Save, and the modifications will be saved.

Remove the applied anti-spam policies

In a situation where you want to delete a certain policy, you can easily do so by following the mentioned steps-

  1. Open the Anti-spam policies page with this link –
    https://security.microsoft.com/antispam
  2. Click on the applied anti-spam policy which you want to remove.Click on the applied anti-spam policy
  3. Now, simply select Delete policy and close this window.select Delete policy
  4. When the warning message appears, click on Yes, and it will be deleted.click on Yes

Why should we take a backup of Office 365 data?

As mentioned earlier, spam messages are the largest carriers of viruses and other risks. They can disrupt all your organization’s important data within a span of a few seconds. To keep the data protected from any such loss, you need to take its backup at regular intervals. Since it must be confidential in nature, the reliability and security of the software you are using must be your top priority.

Kernel Office 365 Backup is a professional utility with advanced algorithms which takes the backup of all mailboxes and then saves it in the desired location. It maintains the entire structure of the data. The users are also able to save selective data only by applying some filters like Folder, Date, Item type, etc. The backing-up process is simple and can be handled by any user, including beginners.

Office 365 Backup

Conclusion

Getting spam emails has recently increased due to aggressive advertising campaigns and the social media presence of users. But Microsoft 365 keeps them in check to maintain a clutter-free mailbox. It makes use of Spam intelligence and Connection, Content, and Outbound spam filtering technologies to identify all such messages. Inbound anti-spam policy, Outbound anti-spam policy, and Connection filtering are already in the default setting mode, which can be modified according to the level of strictness you want to set. In addition, to keep the data safe from threats that come along with spam messages, users can take backup using a professional utility which has been discussed in detail above.