Introduction Why Fine-Tune Your M365 Email Security?
CloudFilter plays a key role in filtering emails within your Microsoft 365 tenant. While CloudFilter handles a significant portion of email filtering, Microsoft 365's configuration directly impacts email deliverability and the volume of messages ending up in quarantine.
This guide provides actionable steps to modify Anti-Spam and Anti-Phishing policies, minimizing disruptions and ensuring critical communications reach their intended recipients.
Anti-Spam Modifying Policies in Microsoft 365
To access and modify your Anti-Spam policies, you'll need an account with Security Administrator or Global Administrator rights within the Microsoft 365 Defender portal.
Navigate to Email & collaboration -> Policies & rules -> Threat policies -> Anti-spam policies.
You can either modify the 'default' policy (Microsoft-managed) or create a custom policy for more granular control. When configuring, pay close attention to these key settings:
* Spam filtering settings: Configure thresholds for spam, high-confidence spam, and bulk email.
* Actions: Determine how to handle detected spam messages (e.g., move to Junk Email, quarantine, or delete).
* Recipient filters: Define which users, groups, or domains the policy applies to.
* Advanced options: Enable protections like SPF/DKIM/DMARC enforcement and NDR (Non-Delivery Report) handling. Remember to Save Your Changes after modification.
Anti-Phishing Modifying Policies in Microsoft 365
Within the Threat policies section, select Anti-phishing policies. You'll see a 'default' policy, which is read-only. To customize your protection, create a new policy or edit an existing one.
Key settings to configure for robust anti-phishing defense include:
* User impersonation protection: Add executives and VIP users to safeguard against spoofing attempts.
* Domain impersonation protection: Add your internal and trusted domains to prevent attackers from impersonating your organization.
* Mailbox intelligence: Utilize behavioral patterns to identify suspicious anomalies.
* Actions: Decide how to handle detected phishing attempts (e.g., quarantine the message, move it to Junk Email).
* Apply to: Choose which users, groups, or domains the policy will affect. Save and apply the policy after configuration.
“Proactive email security is essential to protect your organization from phishing attacks and ensure optimal email deliverability.
Security Expert
Interactive Resources
Further your understanding with these helpful resources:
Related Articles
Explore articles about allow lists, block lists, message rules and enforcing TLS connections.
Conclusion Enhance Your Email Security Today
By diligently configuring your Anti-Spam and Anti-Phishing policies within Microsoft 365, you can significantly improve your email security posture. Regularly review and update these policies to adapt to evolving threats.
For more comprehensive guidance, refer to Microsoft's official documentation on anti-spam and anti-phishing best practices. Implementing these adjustments will ensure a more secure and efficient email experience for your organization.