O365 Email Anti-Phishing Policy Modification Procedure

This admin procedure will provide background information on modifying an existing anti-phishing threat policy.

Anti-Phishing Threat Policy

An anti-phishing threat policy specifies the phishing protections that are applied to your organizational mail flow, and how the messages that fail to meet compliance are handled. It also includes information about the priority and recipient filters for the policy.

Procedure Scope: Administrators

Required Group Membership: Admin.EmailSecurity

Modifying an Anti-Phishing Threat Policy

1. Navigate to Anti-Phishing – O365 Defender, locate the policy you wish to alter.
   
2. Upon opening the policy, all the information of the policy will be displayed. 4 points of interest will be available to Edit. You can modify the sections as needed.
   1. Description: Adjust the description of the policy; a non-functional element that provides background information on the scope of what the policy is trying to accomplish.
      
   2. Users and Domains: Specifies the users, groups, or owned domains that this policy will be applied to; additionally, you can also specify exclusions if necessary.
      
   3. Phishing Protection & Threshold: Specifies the filters that will be applied to emails for a compliance match.
      
   4. Actions: Specifies how messages will be handled when they fail this threat policy check.
      
3. Regardless of the section alterations are being made in the same procedure applies once the necessary changes have been made select Save.
   
4. Once all items have been reviewed, select Close to finalize modifications made to the policy.
   

You're Finished!