Medhacloud Logo
FREE TOOLEXCHANGE ONLINENO SIGNUP

M365 Email Security AnalyzerExchange Online Threat Assessment & Security Audit

Free PowerShell tool that connects to your Microsoft 365 tenant, pulls 15 days of email telemetry, quarantine data, ATP reports, anti-spam/anti-phishing policies, transport rules, and DKIM status — then generates a comprehensive Excel report with threat analysis, remediation roadmap, and licensing guidance.

Requires Microsoft 365 Admin Access

You need Exchange Online admin credentials. The script connects via the official ExchangeOnlineManagement module — no data leaves your tenant.

What It Analyzes

Email Flow Analysis

Pulls 15 days of message trace data — delivered, spam-filtered, quarantined, and failed messages. Identifies suspicious senders and patterns.

Quarantine & ATP Reports

Extracts quarantine data, Advanced Threat Protection reports, high-confidence phishing attempts, and malware detections.

Anti-Spam & Anti-Phish Policies

Audits your anti-spam policies, anti-phishing configurations, safe links, safe attachments, and identifies misconfigurations.

Transport Rules Audit

Reviews all mail flow rules (transport rules) for security gaps — rules that bypass spam filtering, allow external forwarding, or whitelist risky domains.

DKIM & Authentication

Checks DKIM signing status for all domains, SPF alignment, and email authentication configuration across your tenant.

Excel Report Generation

Generates a multi-tab Excel workbook with threat summary, email flow stats, policy audit results, remediation roadmap, and licensing recommendations.

What You Get in the Report

Email Flow Summary

  • Total messages sent/received
  • Spam vs delivered ratio
  • Top senders and recipients
  • Status breakdown (Delivered, Filtered, Quarantined, Failed)

Threat Analysis

  • High-confidence phishing attempts
  • Malware detections
  • Suspicious inbox rules (auto-forward, delete)
  • ATP safe links/attachments triggers

Policy Audit

  • Anti-spam policy configuration review
  • Anti-phishing policy gaps
  • Transport rules security check
  • DKIM signing status per domain

Remediation Roadmap

  • Priority-ranked security improvements
  • Step-by-step implementation guides
  • Licensing recommendations (P1 vs P2)
  • False positive tuning suggestions

Quick Start — 2 Commands

# 1. Allow scripts to run (one-time)

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser

# 2. Run the analyzer (auto-installs required modules)

.\MedhaCloud-M365-Email-Security-Analyzer.ps1

The script auto-installs ExchangeOnlineManagement and ImportExcel modules if missing. Sign in with your M365 admin account when prompted. Report generates in ~2-5 minutes depending on mail volume.

Requirements

Windows + PowerShell 5.1+

  • Windows 10/11 or Windows Server
  • PowerShell 5.1 or later
  • Internet access to connect to Exchange Online

Microsoft 365 Access

  • Exchange Online admin credentials
  • Global Admin or Exchange Admin role
  • Works with Business, Enterprise, Education plans

Auto-Installed by Script

  • ExchangeOnlineManagement v3.5.0
  • ImportExcel (for .xlsx generation)
  • No manual module setup needed

Who Uses This Tool

MSPs & IT Service Providers

Run this on client tenants during security assessments or onboarding. Generate branded reports that identify gaps and justify remediation projects. White-label ready.

Internal IT Teams

Audit your own Microsoft 365 email security posture. Identify misconfigured anti-spam policies, risky transport rules, and missing DKIM signing before attackers exploit them.

Security Consultants

Use as part of security assessments. The Excel output provides evidence for compliance audits (SOC 2, HIPAA, PCI-DSS) and documents current security controls.

Need Professional Email Security Services?

Our security team configures Microsoft Defender for Office 365, implements DMARC/DKIM/SPF, tunes anti-phishing policies, and monitors email security for MSPs and enterprises.

Also check: Email Security Analyzer (DNS-based) |GoDaddy Defederation Tool

Beyond Free Tools

Enterprise Cloud & IT Services

From Microsoft 365 migrations to fully managed infrastructure — we handle every layer of your IT stack.

Migration Tools We Use

Enterprise-grade tooling for every platform

  • BitTitan MigrationWizCloud-to-cloud email & data
  • Microsoft Exchange HybridOn-prem to Exchange Online
  • ShareGate DesktoolSharePoint & OneDrive
  • Microsoft Mover.ioGoogle Drive to OneDrive
  • Entra ID ConnectAD sync & hybrid identity
  • PowerShell & EWS APIAutomation & bulk ops
M365 Migration Services

Our Services

More Services

Contact Us