Automation of EOP / MDO setting via PowerShell

Hi everyone

I can imagine some people struggled with the same problem as me. I’ve never found a script on the internet, to automatically create all standard or strict settings in the Security Portal for Exchange Online Protection and Microsoft Defender for Office. I always had to set all settings it in the GUI or search for the appropriate PowerShell commands. Thus, I’ve created two new scripts to automatically create Exchange Online Protection and Microsoft Defender for Office security policies. Those policies are based on the standard and strict settings by Microsoft, but with some weeks from me and my colleges based on customer projects.

The primary functionality of the scripts are to automatically deploy standard or strict Microsoft best-practice settings for EOP and MDO to a customer’s Microsoft 365 tenant. These settings enhance email security and protection against threats. The scripts perform a series of actions, including creating and configuring Safe Links and Safe Attachments policies, setting up anti-phishing policies, configuring MDO settings for Microsoft 365 apps, defining spam and malware filter policies, adjusting sharing policies, enabling audit logs, disabling IMAP and POP access, blocking client forwarding rules, and deploys the add-in “Report Message” to all users. Finally, it disconnects from the Exchange Online session. These scripts are a valuable tool for administrators tasked with securing a Microsoft 365 environment efficiently and in line with recommended security practices.

➡ Link to my GitHub

𝐏𝐒: If there are any question or an issue with the script, raise an issue on my GitHub repo.

You might also like