Office 365 Anti-Spam Policy – Block Junk Emails in O365

Office 365 Anti-Spam Policy

Ashish Ratan Singh | Modified: January 11, 2017 | Email Settings, Office 365 | 6 Minutes Reading

Email spamming is one of the malpractices being followed by the cyber-terrorist nowadays. It has been commonly observed that certain emails when downloaded or accessed, introduce various kinds of issues in system. This is due to the fact that those emails are spam and carry virus or malware. Thus, spam emails harm the users in many ways and lead to many cyber crimes. However, Office 365 provides certain anti-spam policies to fight against the spams. The Office 365 users must be aware of the Office 365 email anti-spam protection, so that they can secure the email account from such spams. Here, we are going to discuss the Office 365 anti-spam policy, which can be adopted by the users to secure account against spam messages.

What is Office 365 Email Anti-Spam Protection Policy?

Office 365 not only provides efficient mailing features, but also takes care of user’s privacy and security. To avoid virus or malware due to spam/ junk messages, O365 provides an inbuilt anti-spam policy. It enhances the security of email messages by keeping check on the incoming and outgoing emails. Whenever a new mail is received, it firstly scans the message according to Office 365 anti-spam policy. The email is displayed in the inbox folder only when it has passed the anti-spam guidelines/ checks. However, if the policies find the email as spam or malware, it does not forward the message into inbox or in other words, blocks junk email in Office 365; rather the message is moved to Spam folder. Thus, in this way users get protected from the cyber attacks.

Various Implications of Office 365 Anti-Spam Policy

Office 365 users may apply the following filters to secure their account from spam attacks:

#1: Apply Connection Filtering

The Office 365 connection filter approach tends to provide spam-free inbox by investigating the source of the emails. It performs Office 365 IP address restriction to monitor the IP addresses of the sender to determine whether the email is from valid source or not. It creates two kinds of lists for IP addresses:

  • Safe List: The user can specify the list of IP addresses, which are safe or reliable. Only messages from these IP will be received in your inbox.
  • Block List: The user can add any IP address to block list. All the incoming mails from those IP addresses will be blocked to prevent spam.

The users can configure connection filtering settings in Office 365 as below:

  1. Under EAC(Exchange Admin Center), click on Protection → Connection Filter.
  2. Choose Connection Filtering Option to add the list of IP addresses.
  3. Create the type of list: Allowed List or Block list.
  4. Specify the IP addresses in the list for further action.
  5. Click on Save to apply the changes made.

#2: Use Spam Filter Settings in Office 365

Another Office 365 anti-spam policy is ‘Spam Filtering’, to categorize the spam messages on the basis of message characteristic. The users can specify the criteria of spam messages and action to be taken on such emails.
Using advanced spam filtering, the users can get notified about the spam message intended to be delivered to them. Thus, users can also report the mails to Microsoft for further analysis or actions.

The spam filter settings can be customized in the following steps:

1. Open Exchange Admin Center(EAC) and browse Protection → Spam Filter option.
2. On the General page, perform one of the options accordingly:

  • For editing the existing company policy, double click the default policy.
  • To create a new policy, click on +.

3. For new policy, specify a unique name.

4. Under Spam and High Confidence Spam option, choose the action to be taken for spam messages:

  • By Default, action is Move Messages to Junk box.
  • Delete Message: To delete the spam mail along with attachment.
  • Quarantine Message: To send the spam message to quarantine.
  • Add X Header: To send the mail to receiver by adding X-header field in it. It can help the receiver to identify the spam messages.
  • Prepend Subject Line with text: The message is sent to receiver, but by adding a line in the subject to make it identifiable.
  • Redirect Messages: To redirect the mail to email address instead of receiver.

5. Under the Block List page, add the senders which need to be blocked:

  • Sender Block List: Click on + to add the senders to block list.
  • Domain Block List: Click on + to add the domains to block list.

6. Under the Allow List, specify the emails that will be redirected to inbox directly, without going through filters:

  • Sender Allow List: Specify the list of trusted senders.
  • Domain Allow List: Specify the list of trusted domains.

7. Under International Spam page, the users can filter the emails from particular country, language. It allows to configure 86 different languages and 250 different regions.

  • Filter email messages written in following languages: Click on + to add the languages, which need to be filtered.
  • Filter email messages from specified regions: Click on + to add the list of countries or regions from where the messages need to be blocked.

8. Click on Save to apply the changes made to the new policy.

#3: Office 365 Outbound Spam Filtering

Sometimes, your system get so infected that even the outgoing emails get spammed. So, the outgoing mails should also be filtered in the following way:

1. Login to EAC(Exchange Admin Center) and browse ProtectionOutbound Spam.
2. Click on Outbound Spam Preferences option.
3. Choose the checkbox accordingly:

  • Send a copy of all suspicious email messages to the following email address
  • Send a notification to the following address when a sender is blocked sending outbound spam.

4. Click on Save to make the changes.

#4: Create Transport Rule in Office 365

Apart from the above-discussed filters, the users can customize the level of spam messages by using transport rules. One can specify the crucial level of spam messages to verify whether the mail is spam or not. The following steps need to be carried out to create transport rules:

1. Login to EAC and navigate Mail Flow → Rules.
2. Click on + to create a new rule.
3. Select create new rule option and specify the name for this option.
4. Under More Options → Apply this rule if, specify the condition to mark the mail as spam.
5. Under Do The Following option, choose the action to be taken for spam mail.
6. Under the Specify SCL Box, select the required option:

  • Bypass spam Filtering: It sets the value to -1, indicating that filtering will not be done.
  • 0-4: The message is passed to the filter for further processing.
  • 5,6: It performs the action that has been specified for spam mails.
  • 7-9:The mail is considered as high confidence spam.

7. Click on Save.


Since security is the major goal for every user, the Office 365 users are advised to go for Office 365 anti-spam policy to secure the accounts from spam/ junk messages. It provides security at different levels such as within organization, outside organization, from different countries etc.