Forum Discussion

YorkshireMidge's avatar
YorkshireMidge
Copper Contributor
May 28, 2024
Solved

Tenant allow/block list and Exchange rules - order of execution

I've just been trying to reduce all the emails from a particularly large global spam bot which hit my tenant daily and aren't being picked up automatically as SPAM by the service.   The bot uses many...
Exchange Online Protection
  • KingsleyU's avatar
    KingsleyU
    May 29, 2024

    YorkshireMidge 

     

    In as much as the Advanced Threat Protection offers more features such as heuristic detection mechanism for suspicious contents in an email, it is important to consider the order of precedence that EOP applies to email. Also, when you block a domain using the TABL feature, always select the option "never expire".

     

    Useful Article

    https://learn.microsoft.com/en-us/defender-office-365/how-policies-and-protections-are-combined

    https://learn.microsoft.com/en-us/defender-office-365/protection-stack-microsoft-defender-for-office365

     

    I hope you find this useful.

     

    Thanks

Kidd_Ip's avatar
Kidd_Ip
MVP
May 28, 2024

YorkshireMidge 

 

Will you consider Advanced Threat Protection (ATP) ?

 

Resources