Jul 28 2011

Configuring FOPE in Office 365

Pick up four pointers on how to use the mature spam and antivirus app that Microsoft included in its BPOS replacement.

Microsoft is eager to capture a greater share of the hosted messaging market through enhancements coming with Office 365 (the successor to its existing Business Productivity Online Suite, aka BPOS).

One add-on feature to sweeten the value is Forefront Online Protection for Exchange. FOPE, currently in version 11.1, provides antispam and antivirus protection for Office 365 mailboxes within your organization.

If you have never worked with FOPE before (and most people haven’t), it can be a bit overwhelming initially. Here are four tips to make the process smoother:

1. Accessing FOPE Settings

You can spend hours clicking around the Office 365 Admin Console and never find the FOPE settings. There are actually two ways to get there: One is by logging in to Outlook Web App (either directly or through the Admin Console) and accessing the Exchange Control Panel for your organization. (Select Options > See All Options, then click the arrow next to Manage Myself, choose My Organization, and then select the Mail Control node.) You’ll notice a link on the right side of the Mail Control options that you can click to access FOPE settings. The second (and quicker) way is through Microsoft’s FOPE site. You will need to enter your Office 365 user name and password to access the settings.

2. At-a-Glance Information

The first tab you should select once you are looking at your FOPE portal is the Information tab. From here you can see graphical visualizations of the organization and network filtering analytics. Announcements are also included on this tab, and you’ll receive alerts about any service updates and enhancements.

3. Spam Action Settings

Antivirus protection scans are performed on all messages, both inbound and outbound, by Forefront Protection 2010 for Exchange Server (FPE) on the Exchange Online servers. No configuration is needed to perform any required action when a known virus comes in.

Spam is another story. You can configure spam settings, but only if you know where to look. To locate spam settings, select Administration > Domains. Select the link to the domain for which you wish to edit spam policy. Scroll down to find Spam Action options, and click the Edit link to view your choices.

There are four options:

•          Spam Quarantine: This is the most widely used choice within large environments because it offloads the stress of processing and storing this junk mail. It is stored in a special web-based spam mailbox. Users can sort through these messages, which are purged after 15 days.

•          X-Header: E-mail is delivered normally but a special X-spam header is inserted into each message’s header. This makes offending messages easy to track, as well as easier for system administrators to take action against on the server and client sides. These headers mean sysadmins can configure transport rules (through Office 365’s Exchange Control Panel) or client-side rules to handle problem mail.

•          Spam Redirection: This option re-directs e-mail to a specified SMTP within the domain for later review, typically by a sysadmin or someone appointed to check it regularly.

•          Modify Subject: This will add a little identifier to the subject line (like the word SPAM) so users can easily identify spurious mail when they receive it.

4. Policy Rules

FOPE can do more than filter virus-laden and spammy messages. It lets sysadmins enforce powerful policy rules too. To locate these rules, select Administration, click Policy Rules, and then select the New Policy Rule link in the top right. The number of settings is infinite. Learn more about FOPE policy enforcement on Microsoft’s TechNet.