Zero-hour Auto Purge (ZAP) is a feature in Microsoft Defender for Office 365 that provides retroactive protection against email that has already been delivered. It works in conjunction with the other protective features of Exchange Online Protection (EOP) and Microsoft Defender for Office 365.
Functionality of ZAP
ZAP operates by continually monitoring updates to the spam and malware characteristics that Microsoft uses to filter email. If a message has been delivered to a user's inbox and later Microsoft's filters determine the message to be spam or malware, ZAP will automatically move that message to the junk folder or quarantine, depending on the severity.
The main functions of ZAP include:
- ZAP in Spam: When Exchange Online Protection (EOP) determines that a delivered message is spam, ZAP moves that message to the recipient's Junk Email folder.
- ZAP in Malware: If a delivered message is identified as malware, ZAP quarantines the message.
- ZAP in Phish: If Microsoft Defender for Office 365 identifies a delivered message as phishing, ZAP moves that message to quarantine.
- ZAP in Bulk mail: For mail identified as bulk (like promotional emails), ZAP will move those messages to the Junk Email folder.
How ZAP Works
- Initial Delivery: When an email first arrives, EOP and Defender for Office 365 evaluate the message for spam, malware, and phishing characteristics. If the message is deemed safe, it is delivered to the recipient's inbox.
- Post-Delivery Analysis: Microsoft continuously updates its spam and malware definitions and filtering capabilities. As these updates occur, previously delivered messages are re-evaluated.
- Action Based on New Assessment: If the updated spam and malware definitions determine that a previously delivered message is spam, malware, or phishing, ZAP takes action to move the message to the appropriate location (Junk Email folder or quarantine) depending on the classification.
The ZAP feature significantly enhances the security provided by Office 365, as it offers ongoing protection against spam and malware even after the messages have been delivered. This process is automatic and requires no action from the end user.
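ZAP only acts where it is switched on in the relevant policy, so a configuration check is worth running. The following is an added example, not part of the original page: it assumes the ExchangeOnlineManagement module with a session already opened through Connect-ExchangeOnline, and the cmdlets and the SpamZapEnabled, PhishZapEnabled and ZapEnabled properties come from Exchange Online PowerShell rather than from the text above. Get-ZapPolicyReport is a hypothetical helper name.

```powershell
# Added example: list every anti-spam and anti-malware policy with its ZAP switches
# and warn about any policy where post-delivery purge is turned off.
# Assumes an Exchange Online PowerShell session (Connect-ExchangeOnline) is already open.

function Get-ZapPolicyReport {
    $rows = New-Object System.Collections.Generic.List[object]

    # Anti-spam policies hold separate ZAP switches for spam and phishing verdicts.
    foreach ($policy in Get-HostedContentFilterPolicy) {
        foreach ($setting in 'SpamZapEnabled', 'PhishZapEnabled') {
            $rows.Add([pscustomobject]@{
                PolicyType = 'AntiSpam'
                Policy     = $policy.Name
                Setting    = $setting
                Enabled    = [bool]$policy.$setting
            })
        }
    }

    # Anti-malware policies hold the ZAP switch for malware verdicts.
    foreach ($policy in Get-MalwareFilterPolicy) {
        $rows.Add([pscustomobject]@{
            PolicyType = 'AntiMalware'
            Policy     = $policy.Name
            Setting    = 'ZapEnabled'
            Enabled    = [bool]$policy.ZapEnabled
        })
    }

    return $rows
}

$report = Get-ZapPolicyReport
$report | Sort-Object PolicyType, Policy, Setting | Format-Table -AutoSize

# Any row with Enabled = False means delivered mail covered by that policy
# is not re-evaluated for that verdict type.
$disabled = @($report | Where-Object { -not $_.Enabled })
if ($disabled.Count -gt 0) {
    foreach ($row in $disabled) {
        Write-Warning "ZAP disabled: $($row.PolicyType) policy '$($row.Policy)' has $($row.Setting) = False"
    }
} else {
    Write-Output 'ZAP is enabled in all anti-spam and anti-malware policies.'
}
```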