Feedback by UserVoice

I suggest you ...

DMARC Aggregate Reports from O365 Domains

Ability for Office 365 to send DMARC Aggregate reports when set in a monitoring policy to see which aouthorised\unauthorised senders are using my domain suffix... just like other vendors are already doing.

1,063 votes
Vote
Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
Jade shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

53 comments

Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
Submitting...
  • Mark commented  ·   ·  Flag as inappropriate

    Nearly 4 years on and this is still here. FFS, it's embarrassing.

  • Andrew Uys commented  ·   ·  Flag as inappropriate

    The DMARC Aggregate reports should be sent regardless of policy flag so long as the RUF is set. (i.e. not only for monitoring policy). at least that's my understand after reading the RFC.
    Please Microsoft, a good deal of our mails go to O365 domains, having this feedback compiled into our reporting solution is vital, and Microsoft can make a big difference to our strategic deployments.

  • Stephen Mitchell commented  ·   ·  Flag as inappropriate

    Sustainable security solutions are all about insight. DMARC provides insight on how email domains are being abused. Without the telemetry that Microsoft can provide, Microsoft's own customers lose insight on how they are being attacked.
    We applaud Microsoft's advancements in Advanced Threat Protection. However, we're looking for some Foundational Threat Protection here. CSC #7 adjacent, really. See section 4.6.5 in https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-177r1.pdf. Trustworthy email is something that benefits all. We all have a responsibility to participate.

  • Anonymous commented  ·   ·  Flag as inappropriate

    It's hard to take Microsoft's stance as a security company seriously when they don't provide this basic functionality.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Microsoft, you need to address this issue ASAP. How can one of the worlds largest email providers neglect to send DMARC Aggregate Reports, leaving those of use who take our email security seriously blind to a large percentage of vital data?

  • Martin L commented  ·   ·  Flag as inappropriate

    guide says to monitor on "none" policy, but 365 offers no ability to do so. fundamental functionality that should be built in

  • Martin Welén commented  ·   ·  Flag as inappropriate

    Seriously, this should be bumped up the priority list, and of course put on the public road map.

  • Henrik Schack commented  ·   ·  Flag as inappropriate

    Microsoft has a long sad history of reading the RFC's differently than the rest of the world.
    Back in 2013 they didn't always apply the user set DNS TTL values on DMARC records.
    Now they "translate" a DMARC reject policy into a DMARC quarantine policy, exposing their customers to fraudulent email that should have been rejected.
    And as this suggestion mentions, they no longer send out any DMARC RUA reports.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Com on. It's 2019. please enable the sending of DMARC aggregate reports from Office 365. You're leaving your Entreprise customers deaf, dumb and blind without this reporting. Come on!

← Previous 1 3

Feedback and Knowledge Base