5 - ジャンクメールフォルダーと管理者の隔離

このチュートリアルでは、SUSPICIOUSおよびBULKメッセージをユーザーのジャンクメールフォルダーに配信し、MALICIOUS、SPAM、およびSPOOFメッセージを管理者の隔離に配信する方法を学びます（これには、メールを解放するために管理者が必要です）。

ドメインの設定

You first need to configure the domains you are onboarding on the Email Security (formerly Area 1) dashboard. To configure your domains:

1. Log in to the Email Security dashboard ↗.
2. Go to Settings (the gear icon).
3. Go to Email configuration > Domains & Routing > Domains.
4. Make sure each domain you are onboarding has been added.
5. For each domain you are configuring, select … > Edit, and set the following options:
   • Domain - <YOUR_DOMAIN>.
   • Configured as - MX Records.
   • Forwarding to - This should match the expected MX record for each domain in your Office 365 account ↗.
   • IP Restrictions - Leave this field empty.
   • Outbound TLS - Forward all messages over TLS.
   • Quarantine Policy - いかなる処分も確認しない。

迷惑メール対策ポリシーの設定

To configure anti-spam policies:

1. Open the Microsoft 365 Defender console ↗.

2. Go to Email & collaboration > Policies & rules.

3. Select Threat policies.

4. Under Policies, select Anti-spam.

5. Select the Anti-spam inbound policy (Default) text (not the checkbox).

6. In Actions, scroll down and select Edit actions.

   

7. Set the following conditions and actions (you might need to scroll up or down to find them):

   • Spam: Move messages to Junk Email folder.
   • High confidence spam: Quarantine message.
     • Select quarantine policy: _AdminOnlyAccessPolicy_.
   • Phishing: Quarantine message.
     • Select quarantine policy: _AdminOnlyAccessPolicy_.
   • High confidence phishing: Quarantine message.
     • Select quarantine policy: _AdminOnlyAccessPolicy_.
   • Retain spam in quarantine for this many days: Default is 15 days. Email Security (formerly Area 1) recommends 15-30 days.
   

8. Select Save.

トランスポートルールの作成

To create the transport rules that will send emails with certain dispositions to Email Security:

1. Open the new Exchange admin center ↗.

2. Go to Mail flow > Rules.

3. Select Add a Rule > Create a new rule.

4. Set the following rule conditions:

   • Name: メールセキュリティ ジャンクメールフォルダーに配信する`.
   • Apply this rule if: The message headers > includes any of these words.
     • Enter text: X-Area1Security-Disposition > Save.
     • Enter words: `SUSPICIOUS`, `BULK` > Add > Save.
   • Apply this rule if: Select + to add a second condition.
   • And: The sender > IP address is in any of these ranges or exactly matches > enter the egress IPs in the Egress IPs page.
   • Do the following - _メッセージプロパティの変更_ > _スパム信頼レベル (SCL) の設定_ > _5_.

5. Select Next.

6. You can use the default values on this screen. Select Next.

7. Review your settings and select Finish > Done.

8. Select the rule メールセキュリティ ジャンクメールフォルダーに配信する` you have just created, and Enable.

9. Select Add a Rule > Create a new rule.

10. Set the following rule conditions:

    • Name: `エリア 1 管理者管理ホスト隔離`.
    • Apply this rule if: The message headers > includes any of these words.
      • Enter text: X-Area1Security-Disposition > Save.
      • Enter words: `MALICIOUS`, `UCE`, `SPOOF` > Add > Save.
    • Apply this rule if: Select + to add a second condition.
    • And: The sender > IP address is in any of these ranges or exactly matches > enter the egress IPs in the Egress IPs page.
    • Do the following: _メッセージを_ > _ホストされた隔離にリダイレクト_.

11. Select Next.

12. You can use the default values on this screen. Select Next.

13. Review your settings and select Finish > Done.

14. Select the rule `エリア 1 管理者管理ホスト隔離` you have just created, and select Enable.