Recently, I asked people to vote on the settings in Office 365 Spam protection they believe should be made active to improve protection. That survey will continue to run and you can add your voice here:
However, with just over 30 votes as I write this I think we can draw some indications of what the best practice options are going to be.
So let’s start with the ones that should be definitely turned on based on a majority of votes for that condition:
URL direction to another port = ON
Backscatter = ON
SPF Hard fail = ON
Scripts in HTML = ON
Numeric IP addresses in URL = ON
Apply sensitive words list = ON
Empty Messages = ON
Web Bugs = ON
Condition Sender hard fail = ON
Form Tags in HTML = ON
Frame or iFrame tags in HTML = ON
Embed Tags in HTML = ON
Next, the one’s that should be off are:
Image links in Remote Site = OFF
Lastly, border line results that you probably want to set on if you want aggressive anti spam or off if you want relaxed.
Object tags in HTML = ?
URL to .INFO or .BIZ sites = ?
I’ll leave the survey running and you can check the results at any time in the future here.
In upcoming post I’ll show you how to set these options inside Office 365. However, thanks to the wisdom of the crowd (thanks to all who voted) we have an idea of what the settings should be.
CIAOPS 
Good information and thanks for collating and sharing the information .
LikeLike