Forum Discussion

underQualifried's avatar
underQualifried
Brass Contributor
Feb 25, 2025

Params required for Secure Score not available - AntiPhishPolicy

I have a pwsh script to configure the various threat protection policies. Has worked great. Went to run it on one tenant today, and got a number of invalid param errors. I investigated, and found that 
1) The online portal doesn't list these params, they can't be set. Ex: EnableMailboxIntelligenceProtection, MailboxIntelligenceProtectionAction, EnableSimilarDomainsSafetyTips, etc

They have a recommendation to configure Mailbox Protection to send to the Junk Mail folder (like everyone, which is what I've been doing for everyone). But this isn't an option for this tenant. Not on the web, or via ExchangeOnlineManagement.
```
PS C:\Users\me> Set-AntiPhishPolicy -EnableMailboxIntelligenceProtection $true
Set-AntiPhishPolicy : A parameter cannot be found that matches parameter name 'EnableMailboxIntelligenceProtection'. 
```
However, when I run Get-AntiPhishPolicy, those params DO return. A number of which I just can't set, but ARE Secure Score recommendations. 

EnableMailboxIntelligenceProtection           : False
EnableTargetedDomainsProtection               : True
EnableFirstContactSafetyTips                  : False
EnableSimilarDomainsSafetyTips                : False
TargetedUserProtectionAction                  : Quarantine
TargetedUserQuarantineTag                     : DefaultFullAccessPolicy
MailboxIntelligenceProtectionAction           : NoAction
MailboxIntelligenceQuarantineTag              : DefaultFullAccessPolicy
TargetedDomainProtectionAction                : NoAction
TargetedDomainQuarantineTag                   : DefaultFullAccessPolicy
AuthenticationFailAction                      : Quarantine
SpoofQuarantineTag                            : DefaultFullAccessPolicy
EnableSpoofIntelligence                       : True


Furthermore, though this may be a temporary thing, I am unable to save any changes to the available params in the web console. 

  • luchete's avatar
    luchete
    Steel Contributor
    Mar 01, 2025

    Hello underQualifried,

    These parameters, like EnableMailboxIntelligenceProtection and MailboxIntelligenceProtectionAction, are showing up in the Get-AntiPhishPolicy output, but can't be set or found in your script.

    The main issue might be that these parameters are either not supported in your tenant or require a different policy configuration that’s not available via the web or ExchangeOnlineManagement at the moment. The inability to save changes in the web console could be temporary or related to a policy or setting issue with your tenant.

    Since these are Secure Score recommendations, it’s also possible that some of these settings are still rolling out across Microsoft 365, or your tenant may not have the necessary licensing to fully apply them. I’d suggest checking if any updates or changes were made to your tenant settings or contacting support to confirm if these features are available,

    Regards!

Resources