2 min read

How to Set Up Exchange Online Protection

Featured Image

In this blog post, we're going to walk you through the step-by-step process for setting up Exchange Online Protection (EOP). Although setting up Exchange Online Protection is important, it is only one portion of a comprehensive email security strategy. This blog is the 2nd post of a 5 post series titled Your Complete Guide to Microsoft Email Security. The 5 steps to email security are:

  1. Configure DKIM, DMARC, SPF
  2. Deploy EOP (Exchange Online Protection) - this post
  3. Set up Office Message Encryption
  4. Enable Office 365 ATP (Advanced Threat Protection)
  5. Enable Office 365 MFA with Authenticator App

Exchange Online Protection: Anti-spam and anti-malware

Part 1 - Exchange Online Protection Anti-Spam


  1. Go to https://protection.office.com/
  2. Click on Anti-Spam
  3. Make sure that standard settings is turned on
  4. Go to Exchange Admin Center
  5. Click on Protection
  6. Click on Spam Filter

Spam filter exchange online protection

  1. Click on Configure end-user spam notification
  2. Click on Enable end-user spam notification
  3. Leave the Send end-user spam notifications every (days) to 3
  4. Click Save

You are done with setting up Anti-spam!


Microsoft Exchange Online Protection - Anti-malware

  1. Click on Anti-malware
  2. Click on Default
  3. A popup window will open
  4. Click on Settings 

anti-malware: exchange online protection

I would advise the following:

  1. Under Malware Detection Response, select Yes and use custom notification text.
  2. In the text box, you could type something like "Malware Alert!  We have found malware in this message attachment and the message has been quarantined.  Please contact your administrator, John Doe, at johndoe@microsoft.com for more details"
  3. Under Common Attachment Types Filter, select On - Emails with attachments of filtered file types will trigger the Malware Detection Response (recommended).
  4. Under Notifications, select Notify internal senders and Notify external senders
  5. Under Administrator Notifications, select Notify administrator about undelivered messages from internal senders and Notify administrator about undelivered messages from external senders
  6. Add the administrator email address that should receive the notification
  7. Click Save


Set Outbound Spam Notifications

First, you will need to create a new contact within Office 365 in order to have someone receive notifications, or at least apply this rule to the current Global Admin.

  1. Go to Admin Center
  2. Select Users
  3. Select Contacts
  4. Click add a contact
  5. enter contact info (this example uses BEMO, but this would be your IT contact or Global Admin)

create contact for outbound spam notifications eop

  1. Click save
  2. Select Groups
  3. Click on Groups
  4. Click on add a group
  5. Under Type, select Distribution List
  6. Under Name, type "Company Name" IT Team
  7. Click Add
  8. Click Close
  9. Select Groups
  10. Click on Groups
  11. Within the 'View' drop down list, select Distribution list
  12. Add an Owner (add your Global Admin of the company as the Owner of the Distribution Group)
  13. Click close
  14. Go to Exchange Admin Center
  15. Open Protection
  16. Go to https://protection.office.com/antispam
  17. Expand the Outbound spam policy and click on Edit Policy

Exchange Online Protection Anti-Spam Policy setup

  1. Under Notifications, check mark the two options "
  2. Send a copy of suspicious outbound email messages to specific people." and "
  3. Notify specific people if a sender is blocked due to sending outbound spam." and click on Add People.
  4. Enter the email you want the notification to go to
  5. Open the default policy (or any other policy)
  6. Select Outbound spam preferences
  7. Check mark the Send a notification to the following email address or addresses when a sender is blocked for sending outbound spam check box

Now if any of your mailboxes are sending out spam you will know about it!

Not looking to do this yourself? 

Schedule a meeting with us to learn more about implementing Exchange Online Protection and all the other email security tools offered by Microsoft.


Leave us a comment!