Content Filtering Policy Check [CHK-1028]
This customer check verifies if the Content Filter policy, which protects against social engineering, is correctly configured.
Rationale
The Content Filter is used to block unwanted emails such as spam and phishing. It also checks if the Zero Hour (ZAP) protection is activated, which allows emails already delivered to the recipient to be removed later if identified as unwanted mail.
Fix
An automated fix is available through Attic.
Manual steps:
- Connect to ExchangeOnline using
Connect-ExchangeOnline. - Run the following command to enable the content filter:
Set-HostedContentFilterPolicy -Identity "Default" -SpamZapEnabled $true -PhishZapEnabled $true
Impact
The content filter will be enabled and correctly configured, ensuring protection against unwanted emails.