Skip to content

Manage Safe Senders and Block Sender Lists using PowerShell – Office 365

The term “Junk Email Filter” defines an Exchange mail security mechanism, that implemented on the “mailbox level”. In Exchange based environment, most of the time, the mail security infrastructure is implemented most of the time in the “server level” (Exchange server).

Junk mail protection

The interesting thing is that also, Exchange enables his recipients, to use an additional layer of mail security that implemented at the mailbox level.

The additional component that can manage by the Exchange recipient is the “Junk Email engine.” That include the following two components:

  1. Junk Email Filter – this is the Exchange mailbox security filter, that can inspect each incoming E-mail message and based on a different parameter decide if the E-mail message is “spam mail” or a legitimate E-mail. By default, the mailbox Junk Email Filter is not activated.
  2. Junk Email Filter Lists – the is the Exchange mailbox security filter that can classify specific sender or a specific domain as a “legitimate sender” or “non-legitimate sender.”
Exchange mailbox junk mail protection -01

The management options if the Exchange mailbox “Junk Email component”

The management of the Exchange mailbox “Junk Email component” is implemented on two levels:

  1. User level – each Exchange recipient can manage his Exchange mailbox “Junk Email component” by using the Outlook or the OWA mail settings.
  2. Administrative level – using PowerShell

The other option for managing the Exchange mailbox “Junk Email component” is implemented from the “server side” by using PowerShell.

The main advantages of using PowerShell for managing “Junk Email Filter” configurations are:

Using bulk configurations

The ability to implement a required configuration setting for a “bulk of mailboxes” at the same time.

Perform specific configuration settings on behalf of the user

The ability of the Exchange Online administrator to perform a particular configuration setting and by doing so, avoid a scenario in which a non-technical user will need to perform the specific configuration settings.

Safe Senders List and Blocked Senders List

The Exchange “mailbox Junk Email Filter Lists” option enables Exchange users to relate to E-mail message, by using four types of filters:

  1. Safe Senders List – represented by the PowerShell parameter -TrustedSendersAndDomain
  2. Blocked Senders List – represented by the PowerShell parameter -BlockedSendersAndDomains
  3. Safe recipient List – represented by the PowerShell parameter -TrustedRecipientsAndDomains
  4. International – Currently, there is no PowerShell parameter for this option. The “international” option enables us to block specific E-mail message based of a country domain name or specific language encoding).

Most of the time, the common options that users use are:

1. Safe Senders List

The purpose of the Safe Senders List is – to prevent the event of false-positive meaning, an event in which legitimate mail mistakenly identified as spam mail and for this reason sent to the junk mail folder.

When we add a domain name or E-mail address to the Safe Senders List, an
E-mail sends from the particular sender\s, will never be sent to the Junk mail folder.

2. Blocked Senders List

The purpose of the Blocked Senders List is – to prevent the event of false-negative meaning, an event in which a spam mail manages to “bypass” existing mail security filter that didn’t manage to identify and classify the E-mail as spam mail.

When we add a domain name or an E-mail address to the Blocked Senders List, an
E-mail sends from the particular sender\s, will automatically be sent to the Junk mail folder.

Messages from people or domain names that appear in this list are always classified as junk, regardless of the content of the message.

Junk Email Filter Lists -02

How do we define the “sender entity”?

The way that we use for relating to the “sender” is, by defining the sender domain name or the sender E-mail address.

In case that we define a domain name, the filter rule will be applied to for all the senders who have the specific domain name for their E-mail address.

Relating to sender - recipient

Outlook and junk mail protection

In the following screenshot, we can see the default setting of the Outlook and junk mail protection configuration. By default, the Outlook Junk Email Filter is not activated.

In other words, by default Outlook will not use a local spam filter instead, the classification of
E-mail as a legitimate E-mail or, spam E-mail will be implemented by the “server side” (Exchange server).

Outlook junk mail protection -01

In the following screenshot, we can see the different “list tab” that we can use to define to blocked or safe sender lists.

Outlook junk mail protection -02

Section 1: Add E-Mail Address and Domain Names To The Safe Sender and Blocked Senders Lists

Scenario 1.1 – Add E-mail address and domain names to the Safe sender lists | Specific recipient

We want to define, a whitelist of trusted senders, by adding a domain name and an E-mail address to the senders Safe list.

In this scenario, we would like to add the information to a particular Exchange recipient.

The parameter that we use for defining the information saved in the Safe Sender list is –TrustedSendersAndDomains.

PowerShell command syntax:

Set-MailboxJunkEmailConfiguration -Identity <identity> -TrustedSendersAndDomains "<domain name>","<E-mail address>"

PowerShell command example:

Set-MailboxJunkEmailConfiguration -Identity Brad@o365info.com -TrustedSendersAndDomains "cnn.com","alice@contoso.com"

Scenario 1.2 – Add E-mail address and domain names to the Safe sender lists | Bulk mode

We want to define a whitelist of trusted senders, by adding a domain name and an E-mail address to the senders Safe list.

In this scenario, we would like to implement a “bulk update” by adding the information to all the existing Exchange recipients.

PowerShell command syntax:

Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains "<domain name>","<E-mail address>"

PowerShell command example:

Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains "cnn.com","alice@contoso.com"

Scenario 1.3 – Add E-mail address and domain names to the Blocked sender lists | Specific recipient

We want to define a blacklist of – un-trusted senders, by adding a domain name and an E-mail address to the Blocked Senders list.

In this scenario, we would like to add the information to a particular Exchange recipient.

The parameter that we use for defining the information that saved in the Safe sender list is -BlockedSendersAndDomains.

PowerShell command syntax:

Set-MailboxJunkEmailConfiguration -Identity <identity> -BlockedSendersAndDomains "<domain name>","<E-mail address>"

PowerShell command example:

Set-MailboxJunkEmailConfiguration -Identity Brad@o365info.com -BlockedSendersAndDomains"spam.com","amanda@baddomain.com"

Scenario 1.4 – Add E-mail address and domain names to the Blocked senders list | Bulk mode

We would like to define a blacklist of – un-trusted senders, by adding a domain name and an E-mail address to the Blocked Senders list.

In this scenario, we would like to implement a “bulk update” by adding the information to all the existing Exchange recipients.

PowerShell command syntax:

Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -BlockedSendersAndDomains "<domain name>","<E-mail address>"

PowerShell command example:

Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -BlockedSendersAndDomains "spam.com","amanda@baddomain.com"

Scenario 1.5 – Add E-mail address and domain names to the Safe sender lists + to the Blocked senders list at the same time | Bulk mode

We would like to define a combination in which we add information (domain name and an E-mail address) to the Blocked Senders list + senders Safe list.

PowerShell command syntax:

Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains "<domain name>","<E-mail address>" -BlockedSendersAndDomains "<domain name>","<E-mail address>"

PowerShell command example:

Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains "cnn.com",alice@contoso.com -BlockedSendersAndDomains "spam.com","amanda@baddomain.com"

Section 2: Additional Junk Mail Filter Options

Scenario 2.1 – Enable Junk mail filter

As mentioned, by default, the mailbox Junk Email Filter is not activated.

We want to activate (enable) the mailbox Junk Email Filter for a specific recipient.

PowerShell command example:

Set-MailboxJunkEmailConfiguration "John@o365info.com" -Enabled $true

Scenario 2.2 – Disable Junk mail filter

We want to disable the mailbox Junk Email Filter for a specific recipient

PowerShell command example:

Set-MailboxJunkEmailConfiguration "John@o365info.com" -Enabled $false

Configure the option of trusted contact in Microsoft Outlook.

Another option that we can use for define our Safe Senders list is to “instruct” the mailbox Junk Email Filter list to automatically trust each of the recipients (E-mail address) that appears in our contact list. This option named- “Also Trust E-mail from my contacts” and by default, it is not activated.

Also Trust E-mail from my contacts

Scenario 2.3 – Enable option of trusted contact | Bulk mode

We want to activate the option of “Also Trust E-mail from my contacts” to all of our recipients (Bulk mode).

PowerShell command example:

Get-MailboxJunkEmailConfiguration * | Where {$_.ContactsTrusted -eq $true} | Set-MailboxJunkEmailConfiguration -ContactsTrusted $true

Scenario 2.4 – Disable option of trusted contact | Bulk mode

We want to Disable the option of “Also Trust E-mail from my contacts” to all of our recipients (Bulk mode).

Get-MailboxJunkEmailConfiguration * | Where {$_.ContactsTrusted -eq $true} | Set-MailboxJunkEmailConfiguration -ContactsTrusted $false

Section 3: View Information About Safe Sender and Blocked Lists

Scenario 3.1 – View information about Safe sender and blocked lists | Specific recipient

We want to view the available information about the Mailbox Junk Email Configuration that includes the list of the E-mail address and domain names that appear in the Safe Sender lists and the Blocked sender lists.

PowerShell command syntax:

Get-MailboxJunkEmailConfiguration -Identity <identity>

PowerShell command example:

Get-MailboxJunkEmailConfiguration -Identity "Brad@o365info.com"

Scenario 3.2 – View information about Safe sender and blocked lists | Bulk mode

We would like to view the available information about the Mailbox Junk Email Configuration that includes the list of the E-mail address and domain names that appear in the Safe Sender lists and in the Blocked sender lists.

In this scenario, we would like the view the information about all the existing Exchange mailboxes.

PowerShell command example:

Get-Mailbox -ResultSize Unlimited | Get-MailboxJunkEmailConfiguration

Scenario 3.3 – Export information to CSV file | Bulk mode

We would like to – export the information from the Safe sender lists and in the Blocked Sender lists of all existing Exchange mailboxes to a CSV (comma separated value) file.

PowerShell command example:

Get-Mailbox -ResultSize Unlimited | Get-MailboxJunkEmailConfiguration | Export-CSV c:\temp\"Safe sender and blocked lists.CSV" –NoTypeInformation -Encoding UTF8

Scenario 3.4 – Export information to TXT file | Bulk mode

We would like to – export the information from the Safe sender lists and in the Blocked Sender lists of all existing Exchange mailboxes to a TEXT file.

PowerShell command example:

Get-Mailbox -ResultSize Unlimited | Get-MailboxJunkEmailConfiguration | Out-File c:\temp\"Safe sender and blocked lists.txt" -Encoding UTF8

Section 4: Update (Remove and Add) Existing Safe Sender and Blocked Lists

In this section we review how to update an existing Safe sender lists and in the Blocked sender lists. In this scenario, we would like to add or remove information from the existing Safe sender lists and in the Blocked sender lists.

Scenario 4.1 – Add E-mail address and domain names to Safe sender lists | Specific recipient

We would like to – add E-mail address and domain name to the current Safe sender lists to a particular recipient.

PowerShell command syntax:

Set-MailboxJunkEmailConfiguration -Identity <identity> -TrustedSendersAndDomains @{Add="<domain name>","<E-mail address>"}

PowerShell command example:

Set-MailboxJunkEmailConfiguration -Identity Brad@o365info.com -TrustedSendersAndDomains @{Add="fabrikam.com","Jeff@Trusteddomain.com"}

Scenario 4.2 – Add E-mail address and domain names to Safe sender lists | Bulk mode

We want to add an additional E-mail address and domain name to the current Safe Sender lists of all the Exchange recipients.

PowerShell command example:

Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains @{Add="fabrikam.com","Jeff@Trusteddomain.com"}

Scenario 4.3 – Remove E-mail address and domain names from Safe sender lists | Specific recipient

We would like to remove an E-mail address and domain name from existing Safe sender for a particular user mailbox.

PowerShell command syntax:

Set-MailboxJunkEmailConfiguration -Identity <identity> -TrustedSendersAndDomains @{Remove="<domain name>","<E-mail address>"}

PowerShell command example:

Set-MailboxJunkEmailConfiguration -Identity Brad@o365info.com -TrustedSendersAndDomains @{Remove ="fabrikam.com","Jeff@Trusteddomain.com"}

Scenario 4.4 – Remove E-mail address and domain names from Safe sender lists | Bulk mode

We want to remove an E-mail address and domain name from existing Safe sender for all the Exchange recipients.

PowerShell command example:

Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains @{Remove ="fabrikam.com","Jeff@Trusteddomain.com"}
o365info Team

o365info Team

This article was written by our team of experienced IT architects, consultants, and engineers.

This Post Has 2 Comments

  1. Hi there. On the screen where you cover how to enable or disable the “Also trust email from my contacts” settings, is it also possible to enable the “Automatically add people I email to the safe senders list” setting via PowerShell? – Thanks!

  2. Hey!

    I believe scenario 4.2 should be…

     
    Get-MailboxJunkEmailConfiguration * | Where {$_.ContactsTrusted -eq $false} | Set-MailboxJunkEmailConfiguration -ContactsTrusted $True
     

Leave a Reply

Your email address will not be published. Required fields are marked *