In the Admin Center of Microsoft 365 (formerly Office 365), administrators can create comprehensive policies for virus protection and spam protection. But quick, simple configurations are also possible. In this video tip, we show both ways.
Configuring Spam and Virus Protection in Microsoft 365
In any case, anyone using Microsoft 365 (formerly Office 365) with Exchange Online should review the default anti-virus and anti-spam policies and adjust them if necessary. The configuration is best done in Microsoft 365’s Exchange Admin Center. The control of spam and antivirus protection is handled by policies, which are not very complicated to handle but offer many options. Microsoft displays help for all options on what the corresponding setting does.
Configure antivirus protection in the Exchange Admin Center
In the Exchange Admin Center of Microsoft 365, the menu item “Protection” is used to manage the virus filter and the spam filter. Via the menu item “Malware filter”, the default policy “Default” is initially available. This policy is applied to all e-mails for which there is no other suitable policy with a higher priority. The policy can be customized via the pencil icon or by double-clicking.
In the properties of policies, the options for filtering virus emails are available via “Settings”. In the case of “Reaction to malware detection”, it is first determined whether a recipient should be informed if an incoming e-mail has contained a virus. With “Filter for common attachment types”, dangerous file attachments can be completely blocked.
The corresponding file attachments can again be identified in the lower field. The other options are self-explanatory and offer the possibility to automate the handling of virus mails and possible notifications.
If the default policy is not enough for you, you can create a manual policy with the plus sign and assign a priority. The policies with higher priority are always applied first. When creating a new policy, you can specify in the lower area at “Applied to” which type of messages should be examined with the newly created policy. For example, specific recipients can be filtered here.
Control spam protection
There is also a “Default” policy for spam protection, which is applied to all messages. As with virus protection, you can also create your own policies with priorities, which are processed one after the other until a policy fits. If there is no suitable policy, then the “Default” policy takes over.
Manual policies and the default policy have the same setting options. The various menus can be used to customize how Microsoft 365 should handle spam mails. When creating your own policies, in addition to meaningful names, the descriptions should also make it clear what the task of the corresponding policies is. In most cases, the default policy is sufficient
Spam and bulk actions” can be used to specify what the filter should do with e-mails classified as spam. Here you can specify that spam mails are moved directly to the junk mail folder. This is available in Outlook and of course Outlook Web App. Mass emails can also be controlled in this menu item. A threshold value can be defined here as of when emails should be declared as spam.
It is also defined here how long e-mails are to be stored in the quarantine area. This area is available via the menu item “Quarantine”. However, the quarantine is no longer managed in the Exchange Admin Center, but in Microsoft 365 Security & Compliance.
Block lists” can be used to block senders or domains. Conversely, “Approval Lists” can be used to allow certain recipients or domains. The approval lists control that no spam filtering takes place at all for recipients or domains.
Working in parallel with Outlook
In parallel, users can also optimize spam protection in Outlook. On the “Start” tab, under “Junk e-mail\Junk e-mail options, there are settings for how users can still combat junk e-mail from their own mailbox. However, these rules are only implemented with Outlook.