New-HostedOutboundSpamFilterPolicy

This cmdlet is available only in the cloud-based service.

Use the New-HostedOutboundSpamFilterPolicy cmdlet to create outbound spam filter policies in your cloud-based organization.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.

Syntax

New-HostedOutboundSpamFilterPolicy
   [-Name] <String>
   [-ActionWhenThresholdReached <OutboundRecipientLimitsExceededAction>]
   [-AdminDisplayName <String>]
   [-AutoForwardingMode <AutoForwardingMode>]
   [-BccSuspiciousOutboundAdditionalRecipients <MultiValuedProperty>]
   [-BccSuspiciousOutboundMail <Boolean>]
   [-NotifyOutboundSpam <Boolean>]
   [-NotifyOutboundSpamRecipients <MultiValuedProperty>]
   [-RecipientLimitExternalPerHour <UInt32>]
   [-RecipientLimitInternalPerHour <UInt32>]
   [-RecipientLimitPerDay <UInt32>]
   [-RecommendedPolicyType <RecommendedPolicyType>]
   [<CommonParameters>]

Description

New policies that you create using this cmdlet aren't applied to users and aren't visible in admin centers. You need to use the HostedOutboundSpamFilterPolicy parameter on the New-HostedOutboundSpamFilterRule or Set-HostedOutboundSpamFilterRule cmdlets to associate the policy with a rule.

You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet.

Examples

Example 1

New-HostedOutboundSpamFilterPolicy -Name "Contoso Executives" -RecipientLimitExternalPerHour 400 -RecipientLimitInternalPerHour 800 -RecipientLimitPerDay 800 -ActionWhenThresholdReached BlockUser

This example creates a new outbound spam filter policy named Contoso Executives with the following settings:

  • The recipient rate limits are restricted to smaller values that the service defaults.
  • After one of the limits is reached, the user is prevented from sending messages (added to the Restricted Users portal).

Parameters

-ActionWhenThresholdReached

The ActionWhenThresholdReach parameter specifies the action to take when any of the limits specified in the policy are reached. Valid values are:

  • Alert: No action, alert only.
  • BlockUser: Prevent the user from sending email messages.
  • BlockUserForToday: Prevent the user from sending email messages until the following day. This is the default value.
Type:OutboundRecipientLimitsExceededAction
Accepted values:Alert, BlockUserForToday, BlockUser
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-AdminDisplayName

The AdminDisplayName parameter specifies a description for the policy. If the value contains spaces, enclose the value in quotation marks (").

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-AutoForwardingMode

The AutoForwardingMode specifies how the policy controls automatic email forwarding to external recipients. Valid values are:

  • Automatic: This is the default value. This setting is now the same as Off. When this setting was originally introduced, this value was equivalent to On. Over time, thanks to the principles of secure by default, this value was gradually changed to the equivalent of Off for all customers. For more information, see this blog post.
  • On: Automatic external email forwarding is not restricted.
  • Off: Automatic external email forwarding is disabled and will result in a non-delivery report (also known as an NDR or bounce message) to the sender.

This setting applies only to cloud-based mailboxes, and automatic forwarding to internal recipients is not affected by this setting.

Type:AutoForwardingMode
Accepted values:Automatic, Off, On
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-BccSuspiciousOutboundAdditionalRecipients

The BccSuspiciousOutboundAdditionalRecipients parameter specifies an email address to add to the Bcc field of outgoing spam messages. You can specify multiple email addresses separated by commas.

The specified recipients are added to the Bcc field of outgoing spam messages when the value of the BccSuspiciousOutboundMail parameter is $true.

Type:MultiValuedProperty
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-BccSuspiciousOutboundMail

The BccSuspiciousOutboundMail parameter specifies whether to add recipients to the Bcc field of outgoing spam messages. Valid values are:

  • $true: The recipients specified by the BccSuspiciousOutboundAdditionalRecipients parameter are added to outgoing spam messages.
  • $false: No additional messages are added to outgoing spam messages. This is the default value.
Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-Name

The Name parameter specifies a unique name for the outbound spam filter policy. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks (").

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-NotifyOutboundSpam

Note: This setting has been replaced by the default alert policy named User restricted from sending email, which sends notification messages to admins. We recommend that you use the alert policy rather than this setting to notify admins and other users. For instructions, see Verify the alert settings for restricted users.

The NotifyOutboundSpam parameter specify whether to notify admins when outgoing spam is detected. Valid values are:

  • $true: Notify the admins specified by the NotifyOutboundSpamRecipients parameter.
  • $false: Don't send notifications. This is the default value.
Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-NotifyOutboundSpamRecipients

Note: This setting has been replaced by the default alert policy named User restricted from sending email, which sends notification messages to admins. We recommend that you use the alert policy rather than this setting to notify admins and other users. For instructions, see Verify the alert settings for restricted users.

The NotifyOutboundSpamRecipients parameter specifies the email addresses of admins to notify when an outgoing spam is detected. You can specify multiple email addresses separated by commas.

The specified recipients receive notifications when the value of the NotifyOutboundSpam parameter is $true.

Type:MultiValuedProperty
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-RecipientLimitExternalPerHour

The RecipientLimitExternalPerHour parameter specifies the maximum number of external recipients that a user can send to within an hour. A valid value is 0 to 10000. The default value is 0, which means the service defaults are used. For more information, see Sending limits across Microsoft 365 options.

Type:UInt32
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-RecipientLimitInternalPerHour

The RecipientLimitInternalPerHour parameter specifies the maximum number of internal recipients that a user can send to within an hour. A valid value is 0 to 10000. The default value is 0, which means the service defaults are used. For more information, see Sending limits across Microsoft 365 options.

Type:UInt32
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-RecipientLimitPerDay

The RecipientLimitInternalPerHour parameter specifies the maximum number of recipients that a user can send to within a day. A valid value is 0 to 10000. The default value is 0, which means the service defaults are used. For more information, see Sending limits across Microsoft 365 options.

Type:UInt32
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection

-RecommendedPolicyType

The RecommendedPolicyType parameter is used for Standard and Strict policy creation as part of Preset security policies. Don't use this parameter yourself.

Type:RecommendedPolicyType
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Exchange Online, Exchange Online Protection