Part 1: Theory

   

Introduction

    Microsoft 365 Business Basic provides email protection through the built-in Exchange Online Protection (EOP) service, which offers advanced spam filtering mechanisms. Effective configuration of anti-spam policies can significantly reduce the risk of unwanted messages reaching users in your organization

Types of Anti-Spam Policies

  • Default Policy: Applies to all users and cannot be disabled or deleted. It can be edited, but its effectiveness is limited.
  • Custom Policies: Allow precise adjustment of settings for selected users, groups, or domains. They have higher priority than the default policy.
  • Outbound Policies: Used to control outgoing messages from the organization.

Policy Prioritization

    Custom policies have higher priority than the default. A newly created policy appears at the top of the list (priority 0) and is applied first if multiple policies match a recipient.

Key Policy Settings

  • Bulk email threshold & spam properties: Set the threshold for bulk messages, configure spam properties (ASF).
  • Increase spam score settings: Raise the SCL score for selected message types.
  • Mark as spam settings: Define which message types should be automatically marked as spam.
  • Actions for detected spam: Move to Junk folder, delete, quarantine, reject with NDR.
  • Allowed/blocked sender lists: Manage allow/block lists.

💡 Tip: Regularly review the effectiveness of anti-spam policies and adjust settings to match evolving threats and organizational specifics.

       

Part 2: Tutorial – Configuring a Sample Anti-Spam Policy

   

Step 1: Access the Management Panel

  1. Go to Microsoft 365 Defender.
  2. Log in as an administrator.
  3. Select Email & Collaboration > Policies & Rules > Threat policies > Anti-spam.

Screenshot: Microsoft 365 Defender Home

Step 2: Create a New Policy

  1. Click + Create policy and choose Inbound.
  2. Name the policy.
  3. Specify recipients (users, groups, domains) the policy should apply to. You can also add exceptions.

Screenshot: Creating Inbound Policy

Step 3: Configure Spam Filtering Settings

  • Set the threshold for bulk messages.
  • Configure spam properties (ASF).
  • Increase SCL score for selected message types.
  • Define which message types should be marked as spam.

Screenshot: Spam Filtering Settings

Step 4: Actions for Detected Spam

  • Move to Junk Email folder
  • Delete the message
  • Redirect to Quarantine
  • Reject with NDR

Screenshot: Spam Actions

Step 5: Allowed and Blocked Sender Lists

  • Add trusted senders and domains to theallow list.
  • Add known spammers to the block list.

Screenshot: Sender Lists

Step 6: Test Mode

💡 Tip: You can test a new policy by adding a header to messages instead of immediately blocking or redirecting them. This allows you to monitor the impact without risking loss of important correspondence.

Step 7: Save and Activate the Policy

  1. Review all settings.
  2. Save and activate the policy.

Screenshot: Save and Activate Policy

Summary

After completing the above steps, your organization will be better protected against spam and phishing. Remember to regularly review the effectiveness of your policies!