Note: Knowledge base article about dealing with spam for a specific Microsoft 365 client. Identifiable references to the client have been redacted.
Block the spammer so they don’t send more messages.
- Log into security.microsoft.com.
- Choose Policies & rules > Threat policies > Anti-spam > Anti-spam inbound policy (Default).
- Scroll down and click Edit allowed and blocked senders and domains.
- Under the Blocked section, click Block domains.
- Click the + button.
- Enter the domain you want to block and click Add domains.
- Click Done to finish adding the domain.
- Click Save.
- Click Close to exit the Anti-spam inbound policy.
Purge Spam Email
Purge spam email that is already in Beyond user’s mailboxes.
- Go to compliance.microsoft.com and scroll down to eDiscovery.
- Click eDiscovery in this section to be redirected to Core eDiscovery.
- Click Create a case.
- Name it after the Kayako ticket number (e.g., Kayako ticket 23451) and click Save.
- Select the newly created case.
- Select the Searches tab and click New Search.
- Enter a friendly name (e.g., ticket number) and click Next.
- Toggle on Exchange mailboxes location and click Next.
- Add the search queries you need. Usually, they are Subject/Title and Sender/Author.
- Click Submit.
- Once the search has been created, click Done.
- Wait until the status says “Completed.”
- Log into the [redacted] Domain DC.
- Run the Delete email from ediscovery search PowerShell script.
- When asked to enter the search name, enter the name you created in step 10.
- Exit the DC.
- Back in the Compliance Center’s Core eDiscovery, close the case.