SOLVED
Home

Office 365 ATP in conjunction with a Third Party spam filter

%3CLINGO-SUB%20id%3D%22lingo-sub-1124067%22%20slang%3D%22en-US%22%3EOffice%20365%20ATP%20in%20conjunction%20with%20a%20Third%20Party%20spam%20filter%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1124067%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20just%20after%20any%20advice%2C%20experience%2C%20comments%2C%20lessons%20learned%2C%20etc%20in%20relation%20to%20using%20Office%20365%20Advanced%20Threat%20Protection%20to%20enhance%20anti-spam%20capabilities%20for%20Exchange%20Online.....but%20in%20a%20scenario%20where%20the%20anti-spam%20is%20being%20handled%20by%20an%20external%20service%20and%20not%20EOP.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E*%20Should%20we%20do%20this%3F%3C%2FP%3E%3CP%3E*%20Does%20ATP%20lose%20some%20of%20it's%20capabilities%20when%20the%20filtered%20mail%20from%20the%20external%20spam%20filter%20is%20treated%20as%20clean%20(SCL%20-1%20or%20equivalent)%3F%3C%2FP%3E%3CP%3E*%20If%20there%20is%20no%20sender%20rewrite%20by%20the%20third%20party%20spam%20filter%2C%20does%20ATP%20mailbox%20intelligence%20or%20anti-phishing%20policies%20even%20work%3F%3C%2FP%3E%3CP%3E*%20Anything%20to%20add%20would%20be%20welcome%20here%20really%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1124067%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAdvanced%20Threat%20Protection%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EATP%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EEOP%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%20Online%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%20Online%20Protection%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EThird%20party%20spam%20filter%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1124402%22%20slang%3D%22en-US%22%3ERe%3A%20Office%20365%20ATP%20in%20conjunction%20with%20a%20Third%20Party%20spam%20filter%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1124402%22%20slang%3D%22en-US%22%3EHi%3CBR%20%2F%3E%3CBR%20%2F%3EOfficially%20it%E2%80%99s%20not%20recommended%20or%20supported.%20See%20article%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fmail-flow-best-practices%2Fmanage-mail-flow-using-third-party-cloud%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fmail-flow-best-practices%2Fmanage-mail-flow-using-third-party-cloud%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EThis%20is%20because%20it%20can%20impact%20functionality%20with%20EOP%20such%20as%20track%20and%20trace%2C%20spam%20and%20phishing%20filtering%20and%20reporting.%20As%20ATP%20works%20with%20EOP%20this%20would%20have%20a%20knock%20on%20effect%20to%20ATP.%3CBR%20%2F%3E%3CBR%20%2F%3EI%20am%20sure%20that%20organisations%20have%20implemented%20it%20in%20this%20way%20but%20referring%20to%20the%20document%20above%20it%E2%80%99s%20not%20recommended%3CBR%20%2F%3E%3CBR%20%2F%3EHope%20that%20answers%20your%20question%3CBR%20%2F%3E%3CBR%20%2F%3EBest%2C%20Chris%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1136326%22%20slang%3D%22en-US%22%3ERe%3A%20Office%20365%20ATP%20in%20conjunction%20with%20a%20Third%20Party%20spam%20filter%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1136326%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F169605%22%20target%3D%22_blank%22%3E%40Christopher%20Hoard%3C%2FA%3E%26nbsp%3BThanks%20for%20the%20feedback%2C%20cheers%3C%2FP%3E%3C%2FLINGO-BODY%3E
bdelamotte83
New Contributor

Hi,

 

I'm just after any advice, experience, comments, lessons learned, etc in relation to using Office 365 Advanced Threat Protection to enhance anti-spam capabilities for Exchange Online.....but in a scenario where the anti-spam is being handled by an external service and not EOP.

 

* Should we do this?

* Does ATP lose some of it's capabilities when the filtered mail from the external spam filter is treated as clean (SCL -1 or equivalent)?

* If there is no sender rewrite by the third party spam filter, does ATP mailbox intelligence or anti-phishing policies even work?

* Anything to add would be welcome here really

 

Regards

2 Replies
Highlighted
Solution
Hi

Officially it’s not recommended or supported. See article

https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/manage-mail-flow-using-third-part...

This is because it can impact functionality with EOP such as track and trace, spam and phishing filtering and reporting. As ATP works with EOP this would have a knock on effect to ATP.

I am sure that organisations have implemented it in this way but referring to the document above it’s not recommended

Hope that answers your question

Best, Chris
Highlighted

@Christopher Hoard Thanks for the feedback, cheers

Related Conversations