Spam Filters in Microsoft 365 Exchange Online
### Default Anti-Spam Policies
Microsoft 365 includes built-in anti-spam filtering through Exchange Online Protection (EOP).
To view or edit policies:
1. Go to **security.microsoft.com**
2. Email & collaboration → Policies & rules → Threat policies → Anti-spam
### Editing the Default Anti-Spam Policy
Click "Anti-spam inbound policy (Default)" → Edit:
- **Spam action:** Move to Junk folder (default) or Quarantine
- **High confidence spam:** Quarantine recommended
- **Phishing:** Quarantine
- **Bulk complaint level (BCL):** Lower threshold = more aggressive filtering
### Creating Custom Anti-Spam Policies
Useful for applying different rules to specific users or domains.
New → Name policy → Applied to: specific users, groups, or domains → Configure thresholds
### Safe Sender Lists (User Level)
In Outlook on the web:
Settings → Junk email → Safe senders and recipients → Add email or domain
### Safe Sender Lists (Admin Level — Bypass Spam Filter)
Exchange Admin Centre → Mail flow → Rules → Create rule:
- Condition: Sender domain is @trustedpartner.com
- Action: Set spam confidence level (SCL) to -1 (bypass spam filter)
### Blocked Senders
User level: Outlook Settings → Junk email → Blocked senders
Admin level: Anti-spam policy → Block list → Add IPs or domains
### Quarantine Management
security.microsoft.com → Review → Quarantine
Users can release their own emails; admins can release for anyone.
### Checking Why an Email Was Filtered
Message trace: security.microsoft.com → Email & collaboration → Exchange message trace
Search by sender, recipient, date → View delivery status and filter reason