Anti-spam and anti-malware protection

Applies to: Exchange Server 2013

Microsoft Exchange Server 2013 customers are automatically provided with anti-spam and anti-malware protection. The following topics (and their associated subtopics) provide overview information and configuration steps for customizing the built-in spam filtering and malware filtering settings so that they best meet the needs of your organization:

Anti-spam protection: Describes the basic built-in anti-spam protection features and other anti-spam protection options such as using a cloud-hosted anti-spam solution and managing quarantined messages.

Anti-malware protection: Describes the basic built-in anti-malware protection features and other anti-malware protection options. Among the information included are an anti-malware FAQ and details about how to configure anti-malware settings using the Exchange admin center or the Exchange Management Shell.

See Anti-spam protection in EOP for more information about anti-spam features of Microsoft 365 and Office 365.

You can also use anti-malware programs in the Windows operating system on Exchange servers to help further enhance the security and health of your Exchange organization. However, there are important considerations for how to best implement file-level scanning with Exchange 2013. For more information, see Anti-Virus Software in the Operating System on Exchange Servers.


You can also create transport rules to enforce company specific regulations and policies; for more information, see Mail flow or transport rules. Exchange 2013 customers who have purchased the data loss prevention (DLP) feature can also create DLP policies to help protect sensitive data; for more information, see Data loss prevention.