Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Microsoft Office 365 ProPlus Security Technical Implementation Guide
SRG-APP-000516
The junk email protection level must be set to No Automatic Filtering.
The junk email protection level must be set to No Automatic Filtering.
An XCCDF Rule
Details
Profiles
Prose
The junk email protection level must be set to No Automatic Filtering.
Medium Severity
<VulnDiscussion>This policy setting controls the Junk E-mail protection level. The Junk E-mail Filter in Outlook helps to prevent junk email messages, also known as spam, from cluttering a user's Inbox. The filter evaluates each incoming message based on several factors, including the time when the message was sent and the content of the message. The filter does not single out any particular sender or message type, but instead analyzes each message based on its content and structure to determine if it is likely spam. A Junk E-mail filtering option of "No Automatic Filtering" will evaluate emails against domain names and email addresses in the blocked sender list and send them to the Junk E-mail folder. A Junk E-mail filtering option of "High" is not recommended when behind enterprise-level capabilities such as Enterprise Email Security Gateway (EEMSG), Cloud-Based Internet Isolation (CBII), and O365 Exchange Online Protection (EOP).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>