If your company is using Exchange Online and you are responsible for email security, you have many options for improving it. By default, every new Exchange Online tenant comes with default protection policies such as:

  • Malware filter policy
  • Connection filter policy
  • Spam filter policy

Every default policy can be viewed and edited, but not deleted. It is therefore recommended that you review all of these policies.

As an administrator, you can create additional malware or spam policies and apply them to specific users or groups.

The malware filter policy lets you set controls for malware filtering in the service. This policy protects in both directions. You can set several policies.

With this policy, you can:

  • Delete the entire message
  • Delete all attachments and use default alert text
  • Delete all attachments and use custom alert text

Additionally, you can send a notification message to the internal sender or the external sender.



In the connection filter policy, you can set a list of allowed IP addresses and a list of blocked IP addresses. This policy can be used to set trusted partners' IP addresses.

The spam filter policy allows you to reduce the amount of unwanted email. With it, you can set lists of allowed or blocked email addresses and domains.

You can set spam and bulk actions like:

  • Quarantine message
  • Move message to Junk Email folder
  • Delete message
  • Add X-header

You can also set the retention period for quarantined messages, block or allow sender email addresses or sender domains, and other options.
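
One way to carry out the recommended review of the connection filter and spam filter policies is to flatten their settings into a table and flag every allow-list entry for justification. This is an added example, not part of the original article: the function names and the sample values are constructed, and the property names are assumed to match what `Get-HostedConnectionFilterPolicy` and `Get-HostedContentFilterPolicy` return.

```powershell
# Added example: helper and function names are hypothetical; sample data is constructed.
function New-ReviewRow {
    param($Policy, $Setting, $Value, [bool]$Review)
    [pscustomobject]@{ Policy = $Policy; Setting = $Setting; Value = $Value; Review = $Review }
}

function Get-MailPolicyReview {
    param([object[]]$ConnectionPolicy = @(), [object[]]$SpamPolicy = @())

    foreach ($p in $ConnectionPolicy) {
        foreach ($list in 'IPAllowList', 'IPBlockList') {
            $entries = @($p.$list | Where-Object { $_ })
            # Allow-list entries are exceptions to filtering, so flag any that exist.
            $flag = ($list -eq 'IPAllowList') -and ($entries.Count -gt 0)
            New-ReviewRow -Policy $p.Name -Setting $list -Value ($entries -join ', ') -Review $flag
        }
    }

    foreach ($p in $SpamPolicy) {
        # Actions and retention are listed so they can be compared with the intended setup.
        foreach ($s in 'SpamAction', 'HighConfidenceSpamAction', 'BulkSpamAction', 'QuarantineRetentionPeriod') {
            New-ReviewRow -Policy $p.Name -Setting $s -Value ($p.$s) -Review $false
        }
        foreach ($list in 'AllowedSenders', 'AllowedSenderDomains', 'BlockedSenders', 'BlockedSenderDomains') {
            $count = @($p.$list | Where-Object { $_ }).Count
            $flag  = ($list -like 'Allowed*') -and ($count -gt 0)
            New-ReviewRow -Policy $p.Name -Setting $list -Value "$count entries" -Review $flag
        }
    }
}

# Constructed sample objects shaped like the cmdlet output, so the function runs offline.
$conn = [pscustomobject]@{ Name = 'Default'; IPAllowList = @('192.0.2.10'); IPBlockList = @() }
$spam = [pscustomobject]@{
    Name = 'Default'; SpamAction = 'MoveToJmf'; HighConfidenceSpamAction = 'Quarantine'
    BulkSpamAction = 'MoveToJmf'; QuarantineRetentionPeriod = 15
    AllowedSenders = @(); AllowedSenderDomains = @('partner.example')
    BlockedSenders = @(); BlockedSenderDomains = @()
}
Get-MailPolicyReview -ConnectionPolicy $conn -SpamPolicy $spam | Format-Table -AutoSize

# Against a tenant, after Connect-ExchangeOnline:
# Get-MailPolicyReview -ConnectionPolicy (Get-HostedConnectionFilterPolicy) `
#                      -SpamPolicy (Get-HostedContentFilterPolicy)
```

Rows with `Review` set to `True` are the allow-list exceptions; each should map to a known partner or business need.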