In the current article, we review the various aspects of “Exchange Online Audit option” using…
Manage Safe Senders and Block Sender Lists using PowerShell – Office 365
The term “Junk Email Filter” defines an Exchange mail security mechanism, that implemented on the “mailbox level”. In Exchange based environment, most of the time, the mail security infrastructure is implemented most of the time in the “server level” (Exchange server).
Table of contents
Junk mail protection
The interesting thing is that also, Exchange enables his recipients, to use an additional layer of mail security that implemented at the mailbox level.
The additional component that can manage by the Exchange recipient is the “Junk Email engine.” That include the following two components:
- Junk Email Filter – this is the Exchange mailbox security filter, that can inspect each incoming E-mail message and based on a different parameter decide if the E-mail message is “spam mail” or a legitimate E-mail. By default, the mailbox Junk Email Filter is not activated.
- Junk Email Filter Lists – the is the Exchange mailbox security filter that can classify specific sender or a specific domain as a “legitimate sender” or “non-legitimate sender.”
The management options if the Exchange mailbox “Junk Email component”
The management of the Exchange mailbox “Junk Email component” is implemented on two levels:
- User level – each Exchange recipient can manage his Exchange mailbox “Junk Email component” by using the Outlook or the OWA mail settings.
- Administrative level – using PowerShell
The other option for managing the Exchange mailbox “Junk Email component” is implemented from the “server side” by using PowerShell.
The main advantages of using PowerShell for managing “Junk Email Filter” configurations are:
Using bulk configurations
The ability to implement a required configuration setting for a “bulk of mailboxes” at the same time.
Perform specific configuration settings on behalf of the user
The ability of the Exchange Online administrator to perform a particular configuration setting and by doing so, avoid a scenario in which a non-technical user will need to perform the specific configuration settings.
Safe Senders List and Blocked Senders List
The Exchange “mailbox Junk Email Filter Lists” option enables Exchange users to relate to E-mail message, by using four types of filters:
- Safe Senders List – represented by the PowerShell parameter -TrustedSendersAndDomain
- Blocked Senders List – represented by the PowerShell parameter -BlockedSendersAndDomains
- Safe recipient List – represented by the PowerShell parameter -TrustedRecipientsAndDomains
- International – Currently, there is no PowerShell parameter for this option. The “international” option enables us to block specific E-mail message based of a country domain name or specific language encoding).
Most of the time, the common options that users use are:
1. Safe Senders List
The purpose of the Safe Senders List is – to prevent the event of false-positive meaning, an event in which legitimate mail mistakenly identified as spam mail and for this reason sent to the junk mail folder.
When we add a domain name or E-mail address to the Safe Senders List, an
E-mail sends from the particular sender\s, will never be sent to the Junk mail folder.
2. Blocked Senders List
The purpose of the Blocked Senders List is – to prevent the event of false-negative meaning, an event in which a spam mail manages to “bypass” existing mail security filter that didn’t manage to identify and classify the E-mail as spam mail.
When we add a domain name or an E-mail address to the Blocked Senders List, an
E-mail sends from the particular sender\s, will automatically be sent to the Junk mail folder.
Messages from people or domain names that appear in this list are always classified as junk, regardless of the content of the message.
How do we define the “sender entity”?
The way that we use for relating to the “sender” is, by defining the sender domain name or the sender E-mail address.
In case that we define a domain name, the filter rule will be applied to for all the senders who have the specific domain name for their E-mail address.
Outlook and junk mail protection
In the following screenshot, we can see the default setting of the Outlook and junk mail protection configuration. By default, the Outlook Junk Email Filter is not activated.
In other words, by default Outlook will not use a local spam filter instead, the classification of
E-mail as a legitimate E-mail or, spam E-mail will be implemented by the “server side” (Exchange server).
In the following screenshot, we can see the different “list tab” that we can use to define to blocked or safe sender lists.
Section 1: Add E-Mail Address and Domain Names To The Safe Sender and Blocked Senders Lists
Scenario 1.1 – Add E-mail address and domain names to the Safe sender lists | Specific recipient
We want to define, a whitelist of trusted senders, by adding a domain name and an E-mail address to the senders Safe list.
In this scenario, we would like to add the information to a particular Exchange recipient.
The parameter that we use for defining the information saved in the Safe Sender list is –TrustedSendersAndDomains.
PowerShell command syntax:
Set-MailboxJunkEmailConfiguration -Identity <identity> -TrustedSendersAndDomains "<domain name>","<E-mail address>"
PowerShell command example:
Set-MailboxJunkEmailConfiguration -Identity Brad@o365info.com -TrustedSendersAndDomains "cnn.com","alice@contoso.com"
Scenario 1.2 – Add E-mail address and domain names to the Safe sender lists | Bulk mode
We want to define a whitelist of trusted senders, by adding a domain name and an E-mail address to the senders Safe list.
In this scenario, we would like to implement a “bulk update” by adding the information to all the existing Exchange recipients.
PowerShell command syntax:
Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains "<domain name>","<E-mail address>"
PowerShell command example:
Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains "cnn.com","alice@contoso.com"
Scenario 1.3 – Add E-mail address and domain names to the Blocked sender lists | Specific recipient
We want to define a blacklist of – un-trusted senders, by adding a domain name and an E-mail address to the Blocked Senders list.
In this scenario, we would like to add the information to a particular Exchange recipient.
The parameter that we use for defining the information that saved in the Safe sender list is -BlockedSendersAndDomains.
PowerShell command syntax:
Set-MailboxJunkEmailConfiguration -Identity <identity> -BlockedSendersAndDomains "<domain name>","<E-mail address>"
PowerShell command example:
Set-MailboxJunkEmailConfiguration -Identity Brad@o365info.com -BlockedSendersAndDomains"spam.com","amanda@baddomain.com"
Scenario 1.4 – Add E-mail address and domain names to the Blocked senders list | Bulk mode
We would like to define a blacklist of – un-trusted senders, by adding a domain name and an E-mail address to the Blocked Senders list.
In this scenario, we would like to implement a “bulk update” by adding the information to all the existing Exchange recipients.
PowerShell command syntax:
Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -BlockedSendersAndDomains "<domain name>","<E-mail address>"
PowerShell command example:
Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -BlockedSendersAndDomains "spam.com","amanda@baddomain.com"
Scenario 1.5 – Add E-mail address and domain names to the Safe sender lists + to the Blocked senders list at the same time | Bulk mode
We would like to define a combination in which we add information (domain name and an E-mail address) to the Blocked Senders list + senders Safe list.
PowerShell command syntax:
Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains "<domain name>","<E-mail address>" -BlockedSendersAndDomains "<domain name>","<E-mail address>"
PowerShell command example:
Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains "cnn.com",alice@contoso.com -BlockedSendersAndDomains "spam.com","amanda@baddomain.com"
Section 2: Additional Junk Mail Filter Options
Scenario 2.1 – Enable Junk mail filter
As mentioned, by default, the mailbox Junk Email Filter is not activated.
We want to activate (enable) the mailbox Junk Email Filter for a specific recipient.
PowerShell command example:
Set-MailboxJunkEmailConfiguration "John@o365info.com" -Enabled $true
Scenario 2.2 – Disable Junk mail filter
We want to disable the mailbox Junk Email Filter for a specific recipient
PowerShell command example:
Set-MailboxJunkEmailConfiguration "John@o365info.com" -Enabled $false
Configure the option of trusted contact in Microsoft Outlook.
Another option that we can use for define our Safe Senders list is to “instruct” the mailbox Junk Email Filter list to automatically trust each of the recipients (E-mail address) that appears in our contact list. This option named- “Also Trust E-mail from my contacts” and by default, it is not activated.
Scenario 2.3 – Enable option of trusted contact | Bulk mode
We want to activate the option of “Also Trust E-mail from my contacts” to all of our recipients (Bulk mode).
PowerShell command example:
Get-MailboxJunkEmailConfiguration * | Where {$_.ContactsTrusted -eq $true} | Set-MailboxJunkEmailConfiguration -ContactsTrusted $true
Scenario 2.4 – Disable option of trusted contact | Bulk mode
We want to Disable the option of “Also Trust E-mail from my contacts” to all of our recipients (Bulk mode).
Get-MailboxJunkEmailConfiguration * | Where {$_.ContactsTrusted -eq $true} | Set-MailboxJunkEmailConfiguration -ContactsTrusted $false
Section 3: View Information About Safe Sender and Blocked Lists
Scenario 3.1 – View information about Safe sender and blocked lists | Specific recipient
We want to view the available information about the Mailbox Junk Email Configuration that includes the list of the E-mail address and domain names that appear in the Safe Sender lists and the Blocked sender lists.
PowerShell command syntax:
Get-MailboxJunkEmailConfiguration -Identity <identity>
PowerShell command example:
Get-MailboxJunkEmailConfiguration -Identity "Brad@o365info.com"
Scenario 3.2 – View information about Safe sender and blocked lists | Bulk mode
We would like to view the available information about the Mailbox Junk Email Configuration that includes the list of the E-mail address and domain names that appear in the Safe Sender lists and in the Blocked sender lists.
In this scenario, we would like the view the information about all the existing Exchange mailboxes.
PowerShell command example:
Get-Mailbox -ResultSize Unlimited | Get-MailboxJunkEmailConfiguration
Scenario 3.3 – Export information to CSV file | Bulk mode
We would like to – export the information from the Safe sender lists and in the Blocked Sender lists of all existing Exchange mailboxes to a CSV (comma separated value) file.
PowerShell command example:
Get-Mailbox -ResultSize Unlimited | Get-MailboxJunkEmailConfiguration | Export-CSV c:\temp\"Safe sender and blocked lists.CSV" –NoTypeInformation -Encoding UTF8
Scenario 3.4 – Export information to TXT file | Bulk mode
We would like to – export the information from the Safe sender lists and in the Blocked Sender lists of all existing Exchange mailboxes to a TEXT file.
PowerShell command example:
Get-Mailbox -ResultSize Unlimited | Get-MailboxJunkEmailConfiguration | Out-File c:\temp\"Safe sender and blocked lists.txt" -Encoding UTF8
Section 4: Update (Remove and Add) Existing Safe Sender and Blocked Lists
In this section we review how to update an existing Safe sender lists and in the Blocked sender lists. In this scenario, we would like to add or remove information from the existing Safe sender lists and in the Blocked sender lists.
Scenario 4.1 – Add E-mail address and domain names to Safe sender lists | Specific recipient
We would like to – add E-mail address and domain name to the current Safe sender lists to a particular recipient.
PowerShell command syntax:
Set-MailboxJunkEmailConfiguration -Identity <identity> -TrustedSendersAndDomains @{Add="<domain name>","<E-mail address>"}
PowerShell command example:
Set-MailboxJunkEmailConfiguration -Identity Brad@o365info.com -TrustedSendersAndDomains @{Add="fabrikam.com","Jeff@Trusteddomain.com"}
Scenario 4.2 – Add E-mail address and domain names to Safe sender lists | Bulk mode
We want to add an additional E-mail address and domain name to the current Safe Sender lists of all the Exchange recipients.
PowerShell command example:
Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains @{Add="fabrikam.com","Jeff@Trusteddomain.com"}
Scenario 4.3 – Remove E-mail address and domain names from Safe sender lists | Specific recipient
We would like to remove an E-mail address and domain name from existing Safe sender for a particular user mailbox.
PowerShell command syntax:
Set-MailboxJunkEmailConfiguration -Identity <identity> -TrustedSendersAndDomains @{Remove="<domain name>","<E-mail address>"}
PowerShell command example:
Set-MailboxJunkEmailConfiguration -Identity Brad@o365info.com -TrustedSendersAndDomains @{Remove ="fabrikam.com","Jeff@Trusteddomain.com"}
Scenario 4.4 – Remove E-mail address and domain names from Safe sender lists | Bulk mode
We want to remove an E-mail address and domain name from existing Safe sender for all the Exchange recipients.
PowerShell command example:
Get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains @{Remove ="fabrikam.com","Jeff@Trusteddomain.com"}
Hi there. On the screen where you cover how to enable or disable the “Also trust email from my contacts” settings, is it also possible to enable the “Automatically add people I email to the safe senders list” setting via PowerShell? – Thanks!
Hey!
I believe scenario 4.2 should be…
Get-MailboxJunkEmailConfiguration * | Where {$_.ContactsTrusted -eq $false} | Set-MailboxJunkEmailConfiguration -ContactsTrusted $True