Blog Post

Exchange Team Blog
2 MIN READ

Reply All Storm Protection Customizable Settings

The_Exchange_Team's avatar
May 05, 2021

Last year we released the Reply-all Storm Protection feature to help protect your organization from unwanted reply-all storms. This feature uses global settings applicable to all Microsoft 365 customers for reply-all storm detection and for how long the feature will block subsequent reply-alls once a storm has been detected. Today we're pleased to announce you'll now have the ability to make these settings specific to your Microsoft 365 organization; email admins will have the flexibility to enable/disable the feature, and set customized detection thresholds and block duration time. This not only makes it more flexible to tailor for your organization, but it also  allows more Microsoft 365 customers to take advantage of the Reply-all Storm Protection feature since the minimum number of reply-all recipients for detection can now be as low as 1000 when previously it was hard-coded at 5000.

The current Reply-all Storm Protection settings for Microsoft 365 are as follows:

Setting

Default

Enabled/disabled

Enabled

Minimum number of recipients

5000

Minimum number of reply-alls

10

Detection time sliding window

60 minutes

Block duration (once detected)

4 hours

Based on our telemetry and customer feedback we're also taking this opportunity to update a few of the default settings.  Once this change has rolled out, the default settings for each Microsoft 365 organization will be the following:

Setting

Default

Enabled/disabled

Enabled

Minimum number of recipients

2500 (previously 5000)

Minimum number of reply-alls

10

Detection time sliding window

60 minutes

Block duration (once detected)

6 hours (previously 4 hours)

The customizations possible for each setting will be as follows:

Setting

Customizable options

Enabled/disabled

Enabled or Disabled

Minimum number of recipients

1000 to 5000

Minimum number of reply-alls

2 to 20

Detection time sliding window

60 minutes (not customizable)

Block duration (once detected)

1 to 24 hours

Admins will be able to use the Set-TransportConfig Remote PowerShell cmdlet to update the settings for their organization:

Setting

Cmdlet

Enabled/disabled

Set-TransportConfig -ReplyAllStormProtectionEnabled [$True:$False]

 

Number of recipients threshold

Set-TransportConfig  -ReplyAllStormDetectionMinimumRecipients [1000 – 5000]

 

Number of reply-alls threshold

Set-TransportConfig -ReplyAllStormDetectionMinimumReplies [2 – 20]

 

Block duration

Set-TransportConfig -ReplyAllStormBlockDuration [1 – 24]

 

These updates are rolling out now and should be fully available to all Microsoft 365 customers by mid-June. While this should come as a welcome update for customers wanting to better take advantage of the Reply-all Storm Protection feature, we are not done yet! In future updates we plan to provide an insight, report, and optional notifications for the feature as well. And if there's enough customer feedback for it, we'll consider also exposing the ability to customize these settings in the Exchange Admin Center. Let us know what you think!

The Exchange Transport Team

Updated Mar 31, 2023
Version 6.0