introduction
in previous article we have discuss anti SPAM filter concepts
this article we will see how to create anti SPAM filter with some case study , please back to SPAM filter part I before practicing
who can configure anti-SPAM policy
as mentioned previously [please back to first article of EOP ] : the users with the following Rules can configure EOP policies :
- global admin
- exchange admin
- security admin
Admins can view, edit, and configure (but not delete) the default anti-SPAM policy to meet the needs of their organizations
Also admin can also create custom anti-SPAM policies that apply to specific users, groups, or domains in your organization.
Custom policies always take precedence over the default policy, but you can change the priority of your custom policies.
built-in anti-spam policy
very organization has a built-in anti-spam policy named Default that has properties:
- The policy is applied to all recipients in the organization, even though there’s no spam filter rule (recipient filters) associated with the policy. >> in simple words : we have policy without Rule
- The policy has the custom priority value Lowest that you can’t modify (the policy is always applied last). Any custom policies that you create always have a higher priority.
- The policy is the default policy (the IsDefault property has the value
True), and you can’t delete the default policy.
sample 01 : allow domain to pass PAM filter
NetwroksPioneers.com has another sister company called Net-pioneers
company policy state that email from domain Net-pioneers.com sould pass anti-SPAM policy as it come from trusted domain
first open SCC Security & Compliance Center >> threat management >> policy >> anti spam policy https://protection.office.com/antispam
sample 02 : Mark domain as SPAM
company has requirement to mark any email from free email [gmail and yahoo ] as spam
open SCC Security & Compliance Center >> threat management >> policy >> anti spam policy https://protection.office.com/antispam
then create new policy
Sample 03 : check email from other languages
company policy state that any message with arabic and chinese language should be check for SPAM
open SCC Security & Compliance Center >> threat management >> policy >> anti spam policy https://protection.office.com/antispam
and create policy
sample 04 : email from specific Counties
company policy state any email from iran or turkey or afghanistan : >> should be check for spam
open SCC Security & Compliance Center >> threat management >> policy >> anti spam policy https://protection.office.com/antispam
create new policy
sample 05 : mark empty message as SPAM
company policy state that any empty message should be mark as spam
open SCC Security & Compliance Center >> threat management >> policy >> anti spam policy https://protection.office.com/antispam
create new policy
Conclusion
anti-spam policy is fourth EOP tool to check email
anti-spam policy has manay many option : which require more practice
