M365 Exchange online:
Connect-ExchangeOnline -UserPrincipalName <UPN> [-ExchangeEnvironmentName <Value>] [-ShowBanner:$false] [-DelegatedOrganization <String>] [-SkipLoadingFormatData]
# Connect-ExchangeOnline -UserPrincipalName xxx@xxx.onmicrosoft.com
View quarantine policies in PowerShell
# Get-QuarantinePolicy | Format-Table Name
# Get-QuarantinePolicy -QuarantinePolicyType GlobalQuarantinePolicy
# Get-QuarantinePolicy -QuarantinePolicyType QuarantinePolicy
# Get-QuarantinePolicy -Identity DefaultFullAccessPolicy
# Get-QuarantinePolicy -Identity AdminOnlyAccessPolicy
# Get-QuarantinePolicy -Identity DefaultFullAccessWithNotificationPolicy
<Standard preset security policy:>
# Write-Output -InputObject ("`r`n"*3),"Standard anti-malware policy",("-"*79);Get-MalwareFilterPolicy | Where-Object -Property RecommendedPolicyType -eq -Value "Standard"; Write-Output -InputObject ("`r`n"*3),"Standard anti-spam policy",("-"*79);Get-HostedContentFilterPolicy | Where-Object -Property RecommendedPolicyType -eq -Value "Standard"; Write-Output -InputObject ("`r`n"*3),"Standard anti-phishing policy",("-"*79);Get-AntiPhishPolicy | Where-Object -Property RecommendedPolicyType -eq -Value "Standard"
<Strict preset security policy:>
Write-Output -InputObject ("`r`n"*3),"Strict anti-malware policy",("-"*79);Get-MalwareFilterPolicy | Where-Object -Property RecommendedPolicyType -eq -Value "Strict"; Write-Output -InputObject ("`r`n"*3),"Strict anti-spam policy",("-"*79);Get-HostedContentFilterPolicy | Where-Object -Property RecommendedPolicyType -eq -Value "Strict"; Write-Output -InputObject ("`r`n"*3),"Strict anti-phishing policy",("-"*79);Get-AntiPhishPolicy | Where-Object -Property RecommendedPolicyType -eq -Value "Strict"
<Anti-spam policies in PowerShell>
# Get-HostedContentFilterPolicy | Format-List Name,SpamAction,SpamQuarantineTag,HighConfidenceSpamAction,HighConfidenceSpamQuarantineTag,PhishSpamAction,PhishQuarantineTag,HighConfidencePhishAction,HighConfidencePhishQuarantineTag,BulkSpamAction,BulkQuarantineTag
<Strict Preset Security>
# Get-HostedContentFilterPolicy "Strict Preset Security*" | fl
# Get-HostedContentFilterRule "Strict Preset Security*" | fl
Reference: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/quarantine-policies?view=o365-worldwide#system-alerts-for-quarantine-release-requests
# Get-QuarantinePolicy -QuarantinePolicyType GlobalQuarantinePolicy
# Get-HostedContentFilterPolicy 'Default' | fl *tag
# Get-HostedContentFilterPolicy | fl *tag
Resolution:
# Get-HostedContentFilterPolicy "Strict Preset Security Policy1664337335670" | fl
# Get-HostedContentFilterPolicy "Strict Preset Security Policy1664337335670" | fl Name, SpamQuarantineTag, PhishQuarantineTag, HighConfidenceSpamQuarantineTag, HighConfidencePhishQuarantineTag
# Get-HostedContentFilterPolicy "Strict Preset Security Policy1664337335670" | fl Name, SpamQuarantineTag, PhishQuarantineTag, HighConfidenceSpamQuarantineTag, HighConfidencePhishQuarantineTag
# Set-HostedContentFilterPolicy "Strict Preset Security Policy1664337335670" -SpamQuarantineTag ReleaseRequestPolicy
# Set-HostedContentFilterPolicy "Strict Preset Security Policy1664337335670" -PhishQuarantineTag ReleaseRequestPolicy
# Set-HostedContentFilterPolicy "Strict Preset Security Policy1664337335670" -HighConfidenceSpamQuarantineTag ReleaseRequestPolicy
[***** use Default policy **** ]
# Set-HostedContentFilterPolicy "Default" -SpamQuarantineTag ReleaseRequestPolicy
# Set-HostedContentFilterPolicy "Default" -HighConfidenceSpamQuarantineTag ReleaseRequestPolicy
# Set-HostedContentFilterPolicy "Default" -PhishQuarantineTag ReleaseRequestPolicy
Get-HostedContentFilterPolicy | Format-List Name,SpamAction,SpamQuarantineTag,HighConfidenceSpamAction,HighConfidenceSpamQuarantineTag,PhishSpamAction,PhishQuarantineTag,HighConfidencePhishAction,HighConfidencePhishQuarantineTag,BulkSpamAction,BulkQuarantineTag
## Set-HostedContentFilterPolicy
https://learn.microsoft.com/en-us/powershell/module/exchange/set-hostedcontentfilterpolicy?view=exchange-ps
Reference:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide
No comments:
Post a Comment