fbpx

Setup Microsoft 365 Email Threat Management Policy Template Using PowerShell

We’ve recently been rolling out Defender for 365 across multiple clients to better integrate our security solutions. We’ve been using 3rd party spam solutions and they have let us down many times and just not been a good fit. We’ve always thought that the Microsoft solutions were not as good but over the last year or so they have come on in leaps and bounds and it’s been working great.

The only issue I had was that there was no easy way to roll out a standard set of policies across multiple tenants. That’s until I broke out the PowerShell!

Ok so in my case all users are using Business Premium so they are good to use the following policies:

  • Anti-Phishing
  • Safe Attachments
  • Safe Links
  • Anti-Spam
  • Anti-Malware

** Use at your own risk and test with a non production environment first **

Threat Policy Template Manger Download: SetupThreatManagmentPolicies (89 downloads)

The policies can be seen in https://protection.office.com/treatpolicy by clicking on each of the policy tiles.

Next you will need to open PowerShell 5 for Windows (doesn’t work with PowerShell 7) as an administrator and cd to the script location and run it.

CD c:\scripts

.\SetupThreatManagmentPolicies.ps1

Once you run the script you will need to login to the clients tenant as a global admin. Be warned the script will just go ahead and do its thing so make sure you test it out and use at your own risk!

Don’t worry however because although it does create the polices, it wont enabled them. That is a manual task for you to do.

Threat Policy Template Manger Download: SetupThreatManagmentPolicies (89 downloads)

The script should run and enable Audit logs and the junk filter for all users then add the policies.

It makes me smile every time I run it 😀

Now you will see each of the policies have been created and you just need to enable them to activate the functionality. You can tweak the script to call the policies what ever you want.

Here you can see an outbound and inbound spam filter policy ready to enable too.

This script has made things so easy to roll out email threat management policies across lots of clients.

Author: Ian@SlashAdmin

Share This Post On
468 ad

3 Comments

  1. I’ve updated this script to work with dehydrated tenants.

    Post a Reply
    • Hi Chris,

      Yes that is correct it will configure Anti-Phishing, Safe Attachments, Safe Links, Anti-Spam and Anti-Malware policies based on whats in the script so you can tweak them as required.

      The policies will be in a disabled state so you can check them before turning them on.

      I use this during our client onboarding and takes me literally two minutes.

      Enjoy.

      Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *