skip to content

IT Help and Support

University Information Services

Service limits

Exchange Online is subject to a number of default limits set by Microsoft. These relate to the quantity and size of mailboxes, folders, messages, and distribution lists. If you need to send an email to a large group of people please follow the guidelines for the use of bulk email at Cambridge.

Exchange ActiveSync

If you are setting up your mailbox on a mobile device you may see a warning that this will allow administrators to remotely manage your device. This is part of the Exchange ActiveSync protocol for mobile devices, which supports remote data and account wiping processes that administrators could use, for example, if a device is lost or stolen. UIS is not using any of these capabilities on users' devices. UIS cannot install or remove apps, set or enforce any security policies or access the data on your device. 

However, you will need to accept this policy (for example, by clicking 'OK' on a warning message) to complete the installation. If you do not wish to accept the policy, you can access your mailbox via webmail rather than an app.


Junk mail

We recommend regularly checking your junk mail folder in case legitimate messages have been diverted there (this can be due to misconfigured DMARC settings on the sending address, or the message being categorised as spam by the Exchange Online filter.) To ensure messages from a particular sender are always directed to your Inbox you can add the address or domain to your Safe Senders List. Read about filtering junk email and spam in Outlook on Microsoft's support website

You could have the opposite scenario, where you want to filter junk messages from your Inbox to your junk folder. You could set up a Rule in Outlook to move messages to your junk folder if they are from a specific sender, or if they contain a particular word in the header. Microsoft's support website has instructions on setting up Rules in Outlook.


Quarantined messages

Exchange Online has a quarantine function that will prevent messages being delivered to your mailbox based on a spam score assigned by Exchange Online Protection and SpamAssassin. If messages sent to your personal mailbox have been identified as spam you will be notified by email and can choose to release messages from quarantine that you know to be genuine. If you report the message as a false positive when it is released back to your mailbox it will help to train Microsoft's spam rules.

If messages are deemed to be high confidence phishing or contain malware, you will need to request review before they can be released.

If messages are delivered but go to to your junk mail folder, this can be a result of local settings on your mailbox or rules in your desktop mail client. You can amend the list of Allowed and Blocked Senders via webmail settings.


Blocked file types

Certain file types are blocked from being sent as attachments within Exchange Online, a full list of the file name extensions can be found here:

If you send a message with any of these file types attached the message will not be delivered and you will receive a non-delivery report. Similarly these file types cannot be sent from an external contact to your mailbox. If you need to share files with these file extensions we recommend using OneDrive, SharePoint or Teams as an alternative method.


SafeAttachments and SafeLinks

Exchange Online mailboxes are also protected against malicious emails by Defender for Office365, which includes the SafeAttachments and SafeLinks services.

SafeAttachments scans attachments for malware before a message is delivered to a mailbox. If malware is detected, you will be notified that attachments have been removed.

SafeLinks scans links within messages at the time a message is received and when a link in an email is clicked, and will dynamically block any link identified as malicious.