I just dropped my van off for some maintenance at the dealership and am currently waiting for a shuttle to take me to the office. As I sit here I’m thinking about EOP and PowerShell and have come up with a great idea for this week’s article. I don’t always think about EOP outside of work, but when I do, watch out! Already, let's dive in.
In my role I work with customers that are brand new to Exchange Online Protection and assist them in implementing and troubleshooting the service. Typically customers come from a 3rd party spam filtering service and have existing safe and block lists in place which they want to migrate over to EOP. If these lists are long, the process of adding them to EOP through the online portal can be very agonizing. Luckily, there’s an easier and quicker way to do this, PowerShell to the rescue! This article is going to focus on lists that are comprised of sender domains, but this script can easily be modified for specific senders.
We have a list of domains we want to safe list in EOP. We may have an existing rule that we would like to append domains to, or we may need to create a new rule from scratch.
First off, create a .csv file containing all of the domains (one per line) that should be added to the safe list. Here’s what mine looks like.
Once this is created we can jump into PowerShell.
That’s it! Here’s how my rule looks in the portal.
To create a block list, change the action above to how you would like EOP to handle messages that are received from the blocked domains (ex. delete message, move to quarantine, set a high SCL, etc…).
Connecting to PowerShell is quite easy, but often people need just a little push in the right direction with a sample script to get really moving on their own. It reminds me of this saying.
Give a person a fish and you feed them for a day. Teach a person to fish and you feed them for a lifetime.
Exchange Online PowerShellExchange Online Protection PowerShell
Note: If you have Exchange Online licenses (which include EOP), use the first link. If you have Exchange Online Protection licenses, use the second link.
Thanks for the tip. This will save a lot of manual typing :)
Nice, your customers really appreciate this!
i think there is only one thing worth mentioning
i got customer that is migrating to eop but he has like 1000-3000 safe and block senders he needs to migrate
and there is a limit to transport rules....
so some thought has to be out into this thing to basically split this thing to multiple transport rules.