
Configure junk email settings on Exchange Online mailboxes

In Microsoft 365 organizations with mailboxes in Exchange Online, organizational anti-spam settings are controlled by Exchange Online Protection (EOP). For more information, see Anti-spam protection in EOP.

But, there are also specific anti-spam settings that admins can configure on individual mailboxes in Exchange Online:

  • Deliver messages to the Junk Email folder based on anti-spam policies: When an anti-spam policy is configured with the action Move message to Junk Email folder for a spam filtering verdict, the message is delivered to the Junk Email folder of the mailbox. For more information about spam filtering verdicts in anti-spam policies, see Configure anti-spam policies in EOP. Similarly, if zero-hour auto purge (ZAP) determines that a delivered message is spam or phishing, the message is moved to the Junk Email folder for Move message to Junk Email folder spam filtering verdict actions. For more information about ZAP, see Zero-hour auto purge (ZAP) in Exchange Online.

  • Junk email settings that users configure for themselves in Outlook or Outlook on the web: The safelist collection is the Safe Senders list, the Safe Recipients list, and the Blocked Senders list on each mailbox. The entries in these lists determine whether the message is moved to the Inbox or the Junk Email folder. Users can configure the safelist collection for their own mailbox in Outlook or Outlook on the web (formerly known as Outlook Web App). Admins can configure the safelist collection on any user's mailbox.

EOP is able to deliver messages to the Junk Email folder based on the spam filtering verdict action Move message to Junk Email folder and the Blocked Senders list in the mailbox, and prevent messages from being delivered to the Junk Email folder based on the Safe Senders list on the mailbox.

Admins can use Exchange Online PowerShell to configure entries in the safelist collection on mailboxes (the Safe Senders list, the Safe Recipients list, and the Blocked Senders list).

Note

Messages from senders that users add to their own Safe Senders lists skip content filtering as part of EOP (the SCL is -1). To prevent users from adding entries to their Safe Senders list in Outlook, use Group Policy as mentioned in the About junk email settings in Outlook section later in this article. Policy filtering, Content filtering, and Defender for Office 365 checks are still applied to the messages.

EOP uses its own mail flow delivery agent to route messages to the Junk Email folder instead of using the junk email rule in the mailbox. The Enabled parameter on the Set-MailboxJunkEmailConfiguration cmdlet has no effect on mail flow for Exchange Online mailboxes. EOP routes messages based on the actions set in anti-spam policies. The user's Safe Senders list and Blocked Senders list continue to work as usual.

What do you need to know before you begin?

  • You can only use Exchange Online PowerShell to do the procedures in this article. To connect to Exchange Online PowerShell, see Connect to Exchange Online PowerShell.

  • You need to be assigned permissions in Exchange Online before you can do the procedures in this article. Specifically, you need the Mail Recipients role (which is assigned to the Organization Management, Recipient Management, and Custom Mail Recipients role groups by default) or the User Options role (which is assigned to the Organization Management and Help Desk role groups by default). To add users to role groups in Exchange Online, see Modify role groups in Exchange Online. Users with default permissions can do these same procedures on their own mailboxes, as long as they have access to Exchange Online PowerShell.

  • In hybrid environments where EOP protects on-premises Exchange mailboxes, you need to configure mail flow rules (also known as transport rules) in on-premises Exchange. These mail flow rules translate the EOP spam filtering verdict so that the junk email rule in the mailbox can move the message to the Junk Email folder. For more information, see Configure EOP to deliver spam to the Junk Email folder in hybrid environments. The Exchange transport rules allow a mail flow rule to be stored in the cloud.

    Tip

    Once the rule is stored in the cloud (after you manually create it in Microsoft 365 to match the rule in Exchange), the rule replicates in hybrid environments.

  • Safe senders for shared mailboxes aren’t synchronized to Microsoft Entra ID and EOP by design.

Use Exchange Online PowerShell to configure the safelist collection on a mailbox

The safelist collection on a mailbox includes the Safe Senders list, the Safe Recipients list, and the Blocked Senders list. By default, users can configure the safelist collection on their own mailboxes in Outlook or Outlook on the web. Admins can use the corresponding parameters on the Set-MailboxJunkEmailConfiguration cmdlet to configure the safelist collection on a user’s mailbox. These parameters are described in the following table.

| Parameter on Set-MailboxJunkEmailConfiguration | Junk Email Options in Outlook | Junk email settings in Outlook on the web |
|---|---|---|
| BlockedSendersAndDomains | Blocked Senders tab | Blocked senders and domains section |
| ContactsTrusted | Safe Senders tab > Also trust email from my Contacts | Filters section > Trust email from my contacts |
| TrustedListsOnly | Options tab > Safe Lists Only: Only mail from people or domains on your Safe Senders List or Safe Recipients List will be delivered to your Inbox | Filters section > Only trust email from addresses in my Safe senders and domains list and Safe mailing lists |
| TrustedSendersAndDomains* | Safe Senders tab | Safe senders and domains section |

* You can't directly modify the Safe Recipients list by using the Set-MailboxJunkEmailConfiguration cmdlet (the TrustedRecipientsAndDomains parameter doesn't work). You modify the Safe Senders list, and those changes are synchronized to the Safe Recipients list.

  • In Exchange Online, whether entries in the Safe Senders list or TrustedSendersAndDomains parameter work or don't work depends on the verdict and action in the policy that identified the message:
    • Move messages to Junk Email folder: Domain entries and sender email address entries are honored. Messages from those senders aren't moved to the Junk Email folder.
    • Quarantine: Domain entries aren't honored (messages from those senders are quarantined). Email address entries are honored (messages from those senders aren't quarantined) if either of the following statements is true:
      • The message isn't identified as malware or high confidence phishing (malware and high confidence phishing messages are quarantined).
      • The email address, URL, or file in the email message isn't in a block entry in the Tenant Allow/Block List.
  • In standalone EOP with directory synchronization, domain entries aren’t synchronized by default, but you can enable synchronization for domains. For more information, see Configure Content Filtering to Use Safe Domain Data: Exchange 2013 Help | Microsoft Learn.

To configure the safelist collection on a mailbox, use the following syntax:

Set-MailboxJunkEmailConfiguration <MailboxIdentity> -BlockedSendersAndDomains <EmailAddressesOrDomains | $null> -ContactsTrusted <$true | $false> -TrustedListsOnly <$true | $false> -TrustedSendersAndDomains <EmailAddresses | $null>

To enter multiple values and overwrite any existing entries for the BlockedSendersAndDomains and TrustedSendersAndDomains parameters, use the following syntax: "<Value1>","<Value2>".... To add or remove one or more values without affecting other existing entries, use the following syntax: @{Add="<Value1>","<Value2>"... ; Remove="<Value3>","<Value4>"...}

The following example configures the following settings for the safelist collection on Ori Epstein's mailbox:

  • Add the value shopping@fabrikam.com to the Blocked Senders list.
  • Remove the value chris@fourthcoffee.com from the Safe Senders list and the Safe Recipients list.
  • Configure contacts in the Contacts folder to be treated as trusted senders.

Set-MailboxJunkEmailConfiguration "Ori Epstein" -BlockedSendersAndDomains @{Add="shopping@fabrikam.com"} -TrustedSendersAndDomains @{Remove="chris@fourthcoffee.com"} -ContactsTrusted $true

The following example removes the domain contoso.com from the Blocked Senders list in all user mailboxes in the organization:

$All = Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited; $All | foreach {Set-MailboxJunkEmailConfiguration $_.Name -BlockedSendersAndDomains @{Remove="contoso.com"}}

For detailed syntax and parameter information, see Set-MailboxJunkEmailConfiguration.

How do you know that you’ve successfully configured the safelist collection on a mailbox?

To verify that you’ve successfully configured the safelist collection on a mailbox, use any of the following procedures:

  • Replace <MailboxIdentity> with the name, alias, or email address of the mailbox, and run the following command to verify the property values:

    Get-MailboxJunkEmailConfiguration -Identity "<MailboxIdentity>" | Format-List trusted*,contacts*,blocked*
    

    If the list of values is too long, use this syntax:

    (Get-MailboxJunkEmailConfiguration -Identity <MailboxIdentity>).BlockedSendersAndDomains
    

About junk email settings in Outlook

To enable, disable, and configure the client-side Junk Email Filter settings that are available in Outlook, use Group Policy. For more information, see Administrative Template files (ADMX/ADML) and Office Customization Tool for Microsoft 365 Apps for enterprise, Office 2019, and Office 2016.

When the Outlook Junk Email Filter is set to the default value No automatic filtering in Home > Junk > Junk E-Mail Options > Options, Outlook doesn’t attempt to classify messages as spam, but still uses the safelist collection (the Safe Senders list, the Safe Recipients list, and the Blocked Senders list) to move messages to the Junk Email folder after delivery. For more information about these settings, see Overview of the Junk Email Filter.

Note

In Microsoft 365 organizations, we recommend that you leave the Junk Email Filter in Outlook set to No automatic filtering to prevent unnecessary conflicts (both positive and negative) with the spam filtering verdicts from EOP.

When the Outlook Junk Email Filter is set to Low or High, the Outlook Junk Email Filter uses its own SmartScreen filter technology to identify and move spam to the Junk Email folder. This spam classification is separate from the spam confidence level (SCL) that's determined by EOP. In fact, Outlook ignores the SCL from EOP (unless EOP marked the message to skip spam filtering) and uses its own criteria to determine whether the message is spam. Of course, it's possible that the spam verdict from EOP and Outlook might be the same. For more information about these settings, see Change the level of protection in the Junk Email Filter.

Note

In November 2016, Microsoft stopped producing spam definition updates for the SmartScreen filters in Exchange and Outlook. The existing SmartScreen spam definitions were left in place, but their effectiveness will likely degrade over time. For more information, see Deprecating support for SmartScreen in Outlook and Exchange.

So, the Outlook Junk Email Filter is able to use the mailbox’s safelist collection and its own spam classification to move messages to the Junk Email folder.

Outlook and Outlook on the web both support the safelist collection. The safelist collection is saved in the Exchange Online mailbox so that the changes to the safelist collection in Outlook appear in Outlook on the web, and vice-versa.

Limits for junk email settings

The safelist collection (the Safe Senders list, the Safe Recipients list, and the Blocked Senders list) that's stored in the user's mailbox is also synchronized to EOP. With directory synchronization, the safelist collection is synchronized to Microsoft Entra ID.

  • The safelist collection in the user's mailbox has a limit of 510 KB, which includes all lists, plus other junk email filter settings. If a user exceeds this limit, they receive an Outlook error that looks like the following message:

    Cannot/Unable add to the server Junk E-mail Lists. You are over the size allowed on the server. The Junk E-mail filter on the server is disabled until your Junk E-mail Lists have been reduced to the size allowed by the server.

    For more information about this limit and how to change it, see KB2669081.

  • The synchronized safelist collection in EOP has the following synchronization limits:

    • 1024 total entries in the Safe Senders list, the Safe Recipients list, and external contacts if Trust email from my contacts is enabled.
    • 65535 total entries in the Blocked Senders list and the Blocked Domains list.

    When the 1024 entry limit is reached, the following things happen:

    • The list stops accepting entries in PowerShell and Outlook on the web, but no error is displayed.

      Outlook users can continue to add more than 1024 entries until they reach the Outlook limit of 510 KB. Outlook can use these extra entries, as long as an EOP filter doesn't block the message before delivery to the mailbox (mail flow rules, anti-spoofing, and so on).

  • With directory synchronization, the entries are synchronized to Microsoft Entra ID in the following order:

    1. Mail contacts if Trust email from my contacts is enabled.
    2. The Safe Senders list and the Safe Recipient list are combined, deduplicated, and sorted alphabetically whenever a change is made for the first 1024 entries.

    The first 1024 entries are used, and relevant information is stamped in the message headers.

    Entries over 1024 that weren't synchronized to Microsoft Entra ID are processed by Outlook (not Outlook on the web), and no information is stamped in the message headers.

As you can see, enabling the Trust email from my contacts setting reduces the number of Safe Senders and Safe Recipients that can be synchronized. If this reduction is a concern, we recommend using Group Policy to turn off this feature:

  • File name: outlk16.opax
  • Policy setting: Trust e-mail from contacts
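
The following audit sketch is an added example, not part of the original article. It applies the synchronization limits above and the domain-versus-address behavior described earlier to the output of Get-MailboxJunkEmailConfiguration. The function name Get-SafelistRisk and the sample objects are constructed for illustration.

```powershell
# Added example, not from the original article. Get-SafelistRisk and the sample
# objects are constructed; the property names are those shown by
# Get-MailboxJunkEmailConfiguration.
function Get-SafelistRisk {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Config,
        [int] $SafeLimit    = 1024,   # EOP sync limit for safe entries
        [int] $BlockedLimit = 65535   # EOP sync limit for blocked senders and domains
    )
    process {
        # Drop $null values so an empty list counts as 0 entries, not 1.
        $safe    = @($Config.TrustedSendersAndDomains | Where-Object { $_ })
        $blocked = @($Config.BlockedSendersAndDomains | Where-Object { $_ })
        # Entries without "@" are whole domains: honored for the Junk Email
        # action, not honored when the policy action is Quarantine.
        $domains = @($safe | Where-Object { $_ -notlike '*@*' })
        [pscustomobject]@{
            Mailbox          = "$($Config.Identity)"
            SafeEntries      = $safe.Count
            # Trusted contacts also consume this budget; they are not counted here.
            SafeHeadroom     = $SafeLimit - $safe.Count
            ContactsTrusted  = [bool]$Config.ContactsTrusted
            SafeDomains      = $domains -join ', '
            OverSafeLimit    = $safe.Count -gt $SafeLimit
            OverBlockedLimit = $blocked.Count -gt $BlockedLimit
        }
    }
}

# Constructed sample input so the function can be tried without a session.
$sample = @(
    [pscustomobject]@{ Identity = 'ori'; ContactsTrusted = $true
        TrustedSendersAndDomains = @('fabrikam.com', 'chris@fourthcoffee.com')
        BlockedSendersAndDomains = @('shopping@fabrikam.com') }
    [pscustomobject]@{ Identity = 'large-list'; ContactsTrusted = $false
        TrustedSendersAndDomains = 1..1100 | ForEach-Object { "user$_@contoso.com" }
        BlockedSendersAndDomains = $null }
)
$sample | Get-SafelistRisk | Format-Table -AutoSize

# Against a live tenant (requires an Exchange Online PowerShell session):
# Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited |
#     ForEach-Object { Get-MailboxJunkEmailConfiguration -Identity $_.PrimarySmtpAddress } |
#     Get-SafelistRisk | Where-Object { $_.OverSafeLimit -or $_.SafeDomains }
```

Mailboxes flagged with OverSafeLimit have entries that EOP won't synchronize, and a non-empty SafeDomains column identifies domain-wide Safe Senders entries worth reviewing.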