Office 365 Exchange Online Protection questions

I have a few clients who have on-premises Exchange Servers. They need a superior anti-spam solution to what they have right now.

Many of them like the idea of Office 365, and the idea of Office 365 handling the sending/receiving of email on their behalf is appealing, but they don't want to use the whole service. They made an investment into on-premises exchange server and want to keep using that.

The Office 365 EOP plan looks like it fits the bill.

My main question is... does EOP handle both the sending AND receiving of the company mail? Essentially acting as a gateway between the corporate Exchange Servers and the outside world? Or is it only for santizing the inbound mail and the organization is left up to their own devices to figure out how to send outbound mail?

Secondly... it's licensed on a per-user basis. How do you keep track of the users in Exchange vs the users in Office 365? Are you billed on a per-email-address basis? Or do you have to sync the AD users with Office 365? Does this mean there's an additional step every time you create a new user in AD that you must go into Office 365 and add an account there as well?

Lastly.... can you do exactly this but with E1 licenses instead of EOP licenses? Basically don't use any of the extra features of the E1 license, just use Exchange Online Protection but have all the users licensed with E1 licenses instead of the EOP licenses?
LVL 31
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Damien KayCommented:
I setup EOP for a small customer using SBS2011, and it has been working great.  I signed them up for 20 licenses, and chose NOT to worry about individual users, and you do not have to assign licenses like you do with O365.  Actually, it appears to work on the honor system, as there is no way for MS to check how many users you have.  The negative is that the users do not get to see their own list of messages that were quarantined, but you can do that for the entire domain as the administrator.

It does work in both directions, you will simply need to setup connectors on both ends.  Not sure I would pay for the more expensive E1 licenses...

My other concern was understanding what will happen when I DO want to migrate those 20 users to the full blown O365 product, with mailboxes, and access to individual spam quarantines.  I opened a call to get this answer, and unfortunately, never got a great answer.  There was no documentation at the time, and still have not seen any.

Other than that, there is lots of good documentation on EOP on TechNet:
Best Practices for configuring EOP

Hope this helps...


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Amit KumarCommented:
does EOP handle both the sending AND receiving of the company mail?

Yes! you will publish your MX records via MS Exchange protection and your transport servers will Smarthost to EOP vice-versa. It acts as gateway which receive your e-mail and then send it to your Exchange servers and receives mails from your Exchange servers then deliver to public world.

EOP license is user basis, while purchasing such license MS verify your Exchange mailboxes and provide you the license, present cost 1 USD per user/month. May be with large number of users is subject to price negotiation. You don't need to sync your AD with EOP as you are using it as a gateway only so all AD accounts and mailbox will be created in your on-premise Exchange servers. You can trace message by message trace and get reports of SPAM counts etc.


In spite of this, my suggestion is EOP is not mature enough yet, it need more time to be professional as there are certain limits. If you have any mind set to go for any other product so you can choose other products as well like Trend Micro, Iron Port, Postini or many other products.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Office 365

From novice to tech pro — start learning today.