Exchange Online Protection (EOP) uses outbound spam policies as part of your organization’s defense against spam. But to increase the effectiveness of outbound spam filtering, you can create custom spam policies with more stringent settings that apply to specific users or groups. These custom policies take precedence over the default policy, but you can change the priority of your custom policies. Today I will show you how to manage these custom policies using PowerShell, but you can also make these settings from the Microsoft 365 defender portal.

Important: You should use your Exchange admin account to perform the following task.

PowerShell Workaround

First, you must ensure the Exchange Online PowerShell V2 module is installed on your computer and then imported into your Powershell session. To do that, you should use the following commands.

Once you have imported the module, you are ready to start.

Connect to Exchange Online

The easiest way to get started is to log in interactively at the command line.

Set the variables

Here we define the basic information of the spam policy and spam rule we want to create/manage.

Create the outbound spam filter policy

first, you need to create an outbound filter policy, and for this, you should use the New-HostedOutboundSpamFilterPolicy cmdlet.

In this policy, you define the limits of sending emails, and the action is triggered once one of the prescribed limits is reached.

Change an outbound spam filter policy.

You should use the Set-HostedOutboundSpamFilterPolicy cmdlet to modify an outbound spam filter policy.

The ActionWhenThresholdReached parameter specifies the action to take when any of the limits set in the policy are reached.

Check outbound spam filter policies

To view outgoing spam filter policies, you should use the Get-HostedOutboundSpamFilterPolicy cmdlet. If this is the first policy you create, the list will likely have two entries: the default policy and the newly created one.


Create an outbound spam filter rule

Once the outbound spam filter policy is created, you will need to create an outbound spam filter rule associated with the policy you created.

Important: An outbound spam filter rule can’t be associated with more than one outbound filter policy.

Change an outbound spam filter rule.

To make changes to the configuration of an outgoing spam filter rule, you should use the Set-HostedOutboundSpamFilterRule cmdlet.

In the following example, I will change the rule assigned to a group and remove the assignment from the user.

You can also use the same cmdlet to change the rule’s priority, as shown in the following example.

The Priority parameter specifies a priority value that determines the order in which the rule is processed. A lower value indicates a higher priority; therefore, the value 0 is the highest priority. Note that rules cannot have the same priority value.

Check outbound spam filter rules

To get a summary list of all outbound spam filter rules, you should use the Get-HostedOutboundSpamFilterRule cmdlet.

Disable a spam rule

If you want to disable a rule, use the Disable-HostedOutboundSpamFilterRule cmdlet with the following syntax.

Enable a spam rule

Instead, the Enable-HostedOutboundSpamFilterRule cmdlet enables the rule again.

Remove an outbound spam filter policy

To remove an outbound spam filter policy, you should use the Remove-HostedOutboundSpamFilterPolicy cmdlet with the following syntax.

Keep in mind that the corresponding outbound spam filter rule is not removed when you use PowerShell to remove an outbound spam filter policy.

Remove an outbound spam filter rule

To finally remove an outgoing spam filter rule, use the Remove-HostedOutboundSpamFilterRule cmdlet with the following syntax.

Thanks for reading my post. I hope you find it helpful.

If you want to learn more about outbound spam filtering, check out this link.