Exchange Online Mail flow Alert policies
Hi All,
Maybe you have noticed the new Mail flow Alert policies in Exchange Admin Center.
You can define new Alert policies, define the Severity, the Insight, the recipient, the Notification Limit and sometimes also the Threshold for the Alert.
For me it's a little bit odd to send an Email in case something does not work well with the Mailflow.
It could be that you get the Email very late or even when the issue is already resolved. As far as i know there is still no dedicated API to get to Informations like these... Let me know if i am wrong.
Alert policies in Exchange Online
This is the direct Link for Exchange Admin Center
I've clicked on the Existing Alert Policy
You have some general Settings
And the Settings itself
Let's create a new Alert Policy
You can also see these Alertpolicies in Microsoft Purview
To view the Alerts you need the ExchangeOnlineManagement Module and the following commands
Connect-IPPSSession
Get-ProtectionAlert | where {$_.Category -eq "MailFlow"}
Get-ProtectionAlert | where {$_.Category -eq "MailFlow"}
I've created every combination:
Severity: High / Medium / Low
Insight: Mail loop / Slow transport rule / New users forwarding / New domains beeing forwarded / Cert expiry
These seem to be the Filters. Now you can go ahead and create the Alerts via PowerShell
New-ProtectionAlert
| Insight Type | Filter |
| Mail Loop | Insights.InsightType -eq '1602' |
| Slow Transport Rule | Insights.InsightType -eq '1604' |
| New users forwarding | Insights.InsightType -eq '1606' |
| New fomains beeing forwarded | Insights.InsightType -eq '1607' |
| Cert expiry | Insights.InsightType -eq '1610' |
Regards
Andres Bohren
