SOLVED

Outbound Spam Filter Policy

Copper Contributor

So I'm trying to configure an outbound Spam filter Policy to prevent a user from always getting thrown in the Restricted Users bin.  The Policy I created was very standard and I want it to apply to the user in the screenshot

SendingOutboundPolicy.PNG

 
 

However once it is created it looks as if the Custom outbound Spam policy only applies to users who are recipients of the sending user in the tenant.  (internal to internal communication within the tenant)
RecipientsOBS.PNG

 

I want this policy to apply to all outbound messages sent from TU@mictestacc123.onmicrosoft.com (even users on other domain) not just ones sent to other users within the tenant.  Is this possible?

 

 

12 Replies
best response confirmed by foxx109 (Copper Contributor)
Solution

Hi, @foxx109 

 

The way your policy is set, my understanding is that it will do what you want it to do.  Is this not what you are experiencing?

 

Also, does the default outbound spam policy in the Security and Compliance Center not meet your needs anyway?

 

Kind regards

Peter

@PeterRisingthank you kindly for your response

The default outbound spam policy works fine, I was trying to configure one of these for a specific user who sent a lot of mail that was getting flagged as SPAM (that it the nature of there job) and kept getting thrown in the restricted users bin 


I'm just surprised in the second screenshot where it says 

If this message is received from: TU@mictestacc123.onmicrosoft.com (it is highlighted) 

 

I thought it was say,

if this message is sent from: TU@mictestacc123.onmicrosoft.com 

 

Since it is an outbound Spam Policy and I want it to apply to outgoing messages

It almost makes me think that the policy is only for internal to internal communication

 

https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-the-outbound-s... 

 

The article makes it sounds like it is for outbound messages, IDK am i missing something?

@foxx109 

 

It's very misleading that it's labeled recipients I agree, but the users you place in here will be targeted by the outbound policy.   :thumbs_up:

Thanks, I felt like alittle unsure of this till talking to you, I might post something in Uservoice about it.  Take care man @PeterRising 

@foxx109 Any idea why a "default" outbound spam filter would not via viewable via the GUI? We have a ticket open with Microsoft support but they are stumped.  How to we bring this back. Right now we are getting NDRs for all outbound external forwarding.

@PeterRising Any idea why a "default" outbound spam filter would not via viewable via the GUI? We have a ticket open with Microsoft support but they are stumped.  How do we bring this back. Right now we are getting NDRs for all outbound external forwarding.

@Michael Platt Here is a screenshot when logged in as global admin.

@ChristianBergstrom Good shout on PowerShell.

 

@Michael Platt Could not see the screenshot I'm afraid.  Can you try uploading again please? 

 

Also, have you tried logging in with a different Global Admin?  Sounds nuts I know, but I've seen this happen where one GA can see something that another randomly cannot.  Try a private browser maybe too.

@PeterRising Yes- we can see it in Powershell but you can't change who the policy applies to or excludes from Powershell.  I've tried two GA accounts. I guess it won't hurt to try another.

@PeterRising We got this resolved. Having the Default Outbound Spam Policy in the GUI is a requirement. Microsoft's engineering team was able to restore this.

Hi, so you had removed it yourself? Well, that explains a lot and why you could still see it using PowerShell.

”Admins can view, edit, and configure (but not delete) the default outbound spam policy.”
1 best response

Accepted Solutions
best response confirmed by foxx109 (Copper Contributor)
Solution

Hi, @foxx109 

 

The way your policy is set, my understanding is that it will do what you want it to do.  Is this not what you are experiencing?

 

Also, does the default outbound spam policy in the Security and Compliance Center not meet your needs anyway?

 

Kind regards

Peter

View solution in original post