Security and policies

Service limits

Exchange Online is subject to a number of default limits set by Microsoft. These relate to the quantity and size of mailboxes, folders, messages, and distribution lists. If you need to send an email to a large group of people please follow the guidelines for the use of bulk email at Cambridge.
 

Exchange ActiveSync

If you are setting up your mailbox on a mobile device you may see a warning that this will allow administrators to remotely manage your device. This is part of the Exchange ActiveSync protocol for mobile devices. UIS is not using these capabilities, if you do not wish to accept the policy you can access your mailbox via webmail.

First contact notifications

To help defend against email address spoofing and scam emails, you will see a warning on messages from a new sender or a sender that doesn't contact you often. Email apps often only show the display name of a sender, whereas this notification includes the sending address. The notification looks like this:

safety-tip-first-contact-one-recipient.png

Quarantined messages

Exchange Online has a quarantine function that will prevent messages being delivered to your mailbox based on a spam score assigned by Exchange Online Protection and SpamAssassin. If messages sent to your personal mailbox have been identified as spam you will be notified by email and can choose to release messages from quarantine that you know to be genuine. If you report the message as a false positive when it is released back to your mailbox it will help to train Microsoft's spam rules.

If messages are deemed to be high confidence phishing or contain malware, you will need to request review before they can be released.

If messages are delivered but go to to your junk mail folder, this can be a result of local settings on your mailbox or rules in your desktop mail client. You can amend the list of Allowed and Blocked Senders via webmail settings.
 

SafeAttachments and SafeLinks

Exchange Online mailboxes are also protected against malicious emails by Defender for Office365, which includes the SafeAttachments and SafeLinks services.

SafeAttachments scans attachments for malware before a message is delivered to a mailbox. If malware is detected, you will be notified that attachments have been removed.

SafeLinks scans links within messages at the time a message is received and when a link in an email is clicked, and will dynamically block any link identified as malicious.