Blocking and Purging Spam in Microsoft 365

Note: Knowledge base article about dealing with spam for a specific Microsoft 365 client. Identifiable references to the client have been redacted.

Block Spammer

Block the spammer so they don’t send more messages.

  1. Log into
  2. Choose Policies & rules > Threat policies > Anti-spam > Anti-spam inbound policy (Default).
  3. Scroll down and click Edit allowed and blocked senders and domains.
  4. Under the Blocked section, click Block domains.
  5. Click the + button.
  6. Enter the domain you want to block and click Add domains.
  7. Click Done to finish adding the domain.
  8. Click Save.
  9. Click Close to exit the Anti-spam inbound policy.

Purge Spam Email

Purge spam email that is already in Beyond user’s mailboxes.

  1. Go to and scroll down to eDiscovery.
  2. Click eDiscovery in this section to be redirected to Core eDiscovery.
  3. Click Create a case
  4. Name it after the Kayako ticket number (e.g., Kayako ticket 23451) and click Save.
  5. Select the newly created case.
  6. Select the Searches tab and click New Search.
  7. Enter a friendly name (e.g., ticket number) and click Next.
  8. Toggle on Exchange mailboxes location and click Next.
  9. Add the search queries you need. Usually, they are Subject/Title and Sender/Author.
  10. Click Submit.
  11. Once the search has been created, click Done.
  12. Wait until the status says “Completed.”
  13. Log into the [redacted] Domain DC.
  14. Run the Delete email from ediscovery search PowerShell script.
  15. When asked to enter the search name, enter the name you created in step 10.
  16. Exit the DC.
  17. Back in the Compliance Center’s Core eDiscovery, close the case.