Defend your organization with Exchange Online Protection

Stop Spam RMI

What is the Anti-Spam Filter?

Your organization’s anti-spam filter (more commonly referred to as just the spam filter) is the first line of defense against malicious scammers. “Spam Bots” are entities that bombard companies with spam to get personal information or compromise an internal network and the spam filter is the first line of defense against those types of emails. Microsoft has a large database of known malicious actors which it uses to separate spam from legitimate email. Microsoft has a spam catch rate of over 99% which is great but of course no amount of protection can offer 100% success rate. Luckily there are many options that we can use to customize and strengthen the spam filter. Some examples include the ability to add domains and senders to block lists, filter emails based on certain properties, block certain types of addresses, block emails from certain countries just to name a few.


What is the Anti-Malware Filter?

Malware is a term that covers viruses and spyware that may be embedded in spam emails. Microsoft takes a multi-layered approach to anti-malware. The first layer is the scan engine which scans all email flowing inbound and outbound from your organization to look for known threats. They also scan for unknown threats by looking for certain characteristics. The second layer involves real time threat response. If a scan engine detects malware Microsoft is alerted immediately and the team begins to roll out rules to spread that information to other scan engines. Malware is being detected throughout Office 365 all the time and Microsoft updates their global malware definition network every two hours. The third layer involves cooperation between Microsoft and partners with the purpose of sharing information on known malware threats.


What are Transport Rules?

This feature allows administrators to set rules for emails at the organization level. A few examples include the following:

  • Set a legal disclaimer on emails going from internal users to external email addresses.
  • Set alerts for emails coming in from certain partners.
  • Block certain file attachments from coming in or out.

There are many options with Transport Rules that can help increase security in your email environment.


What is Message Trace?

Message Trace is a feature that allows an administrator to look at details of emails flowing in and out of Office 365. Here are some examples of the type of information you can get from Message Trace:

  • A user is reporting that they didn’t get the email you sent them. Check Message trace to see if the email was placed in the user’s Junk folder.
  • Find out the IP Address associated with an email that you received.
  • Check message trace to find out how many users received a specific spam email.

Message trace is a useful tool when troubleshooting email delivery issues.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s