Any custom policies that you create always have a higher priority. The policy has the custom priority value Lowest that you can't modify (the policy is always applied last).The policy is applied to all recipients in the organization, even though there's no spam filter rule (recipient filters) associated with the policy.For more information, see the Use Exchange Online PowerShell or standalone EOP PowerShell to configure anti-spam policies section later in this article.Įvery organization has a built-in anti-spam policy named Default that has these properties: In Exchange Online PowerShell or standalone EOP PowerShell, you manage the policy and the rule separately. When you remove an anti-spam policy, the spam filter rule and the associated spam filter policy are removed.All other settings modify the associated spam filter policy. When you modify an anti-spam policy, settings related to the name, priority, enabled or disabled, and recipient filters modify the spam filter rule.When you create an anti-spam policy, you're actually creating a spam filter rule and the associated spam filter policy at the same time using the same name for both.The difference between these two elements isn't obvious when you manage anti-spam polices in the Microsoft 365 Defender portal: The spam filter rule: Specifies the priority and recipient filters (who the policy applies to) for a spam filter policy.The spam filter policy: Specifies the actions for spam filtering verdicts and the notification options.The basic elements of an anti-spam policy are: You can configure anti-spam policies in the Microsoft 365 Defender portal or in PowerShell (Exchange Online PowerShell for Microsoft 365 organizations with mailboxes in Exchange Online standalone EOP PowerShell for organizations without Exchange Online mailboxes). Custom policies always take precedence over the default policy, but you can change the priority (running order) of your custom policies.
For greater granularity, you can also create custom anti-spam policies that apply to specific users, groups, or domains in your organization. For more information, see Anti-spam protection.Īdmins can view, edit, and configure (but not delete) the default anti-spam policy. EOP uses anti-spam policies (also known as spam filter policies or content filter policies) as part of your organization's overall defense against spam. In Microsoft 365 organizations with mailboxes in Exchange Online or standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, inbound email messages are automatically protected against spam by EOP. Microsoft Defender for Office 365 plan 1 and plan 2.This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 Defender portal. The improved Microsoft 365 Defender portal is now available.