Andy, I don't think I've ever commented on a video but you broke me! I just wanted to say thanks for all this information. This has been immensely helpful.
@@AndyMaloneMVP lol i used to work in chemistry and recently made my move to tech. im a 365 admin. your a life saver man!!! thanks for everything you do
Andy, Thank you so much for your content. On this EOP we have experienced some features we are not very happy with. we are trying to block all potential OfficeMacro file types and have them delivered to the quarantine for verification by an admin. M365 Defender does not give an option for such a situation. Senders and or recipients are informed that there has been a malware detected. Even with Exchange Online, there is no option to adapt that message from "suspicious / risky file type" instead of "malware".
Thanks very much for your question. I’m sure you’ll appreciate that for specific questions relating to a product like this I have to point you towards docs.microsoft.com or consult with the Microsoft technical community this is by far the best way to get your solutions. Thanks again
Thank you so much Tony that means a lot to me. The important thing is you found me now and I really hope that my content helps. Welcome to the community and great to have you on board.😊👍
Hi Andy, recently found you and really love your videos. They are so helpful. I’m finding the licensing for these functions a little confusing. We have a business that uses business standard, but want to set up some of these features to prevent data theft. Do all users need the E3/E5 licence to put these feature into effect?
Hi Andy, I really love your content. I have a request. Can you please show with examples how we can analyze the quarantined mails. How can we find out why an email was quarantined. Thanks
Do you know the strategy MSFT has for changing names? Just thought it may be a “documented” MSFT item that you would know. 😏. Great content! Keep the jibber jabber with the content!!
Thanks very much. Yes there is a ton of information on this docs.microsoft.com you should check it out just do a search for windows defender for 365 and also exchange online protection. In terms of a strategy! Not that I’m aware of. However that doesn’t mean to say that one doesn’t exist. Good luck and thanks again.
Thanks again Andy for the awesome content! Actually, I was looking forward to hearing about using antimalware and safe attachments when they work simultaneously, and how we can properly set the priority on which one should be higher in that sense. I tried to test the safe attachment policy but anti-malware works first and catch the email with the test attachment. any good hints?
You’re right Mohammed they are two different technologies but I would say safe attachments is a better solution as sometimes EOP let’s bad stuff through. There is often a delay in safe attachments when you switch it on. Generally they do work together but EOP always runs first. You can set priorities with PowerShell. Check out docs.Microsoft.COM they have Coll some great articles.
Thanks for the video. Have a couple of questions. Can multiple polices be applied to the same user? For example if there are two anti-spam policies...one with higher and one with lower priority. What if there are conflicting settings between the two policies? Thanks!
@@AndyMaloneMVP Thanks. I found more information here: docs.microsoft.com/en-us/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined?view=o365-worldwide "If a recipient is defined in multiple policies of the same type (anti-spam, anti-phishing, etc.), only the policy with the highest priority is applied to the recipient. Any remaining policies of that type are not evaluated for the recipient (including the default policy)."
Hey Andy, how its going ? How could I monitoring everything? the links safe, the bad attachments and others thinks? Is there any report of who click or access something ? A list of URL blocked by Links safe? thanks for helping.
How good is the default setting for anti-phishing? I find adjusting that threshold causes a lot of emails to be caught by the phishing policy. A lot of legitimate emails.
Honestly, I think they’re pretty good. It’s what I use most of the time. However, a lot of people get confused between junk email, and the focused inbox, which used to be clutter. Which of course it’s just a way of organising your email so that the important stuff can be actioned first. No, I think the default rules are pretty good.