Max Send Limits
Working at a university, our users are sometimes targeted en masse with phishing attempts via email. While most users know not to click unknown links and enter their credentials on a non-university website, some still do. Once the account is compromised it is used to then phish other users, both inside and outside the organization. As of now the max send limit for users is 10,000 messages within 24 hours, if I understand correctly. We'd like to be able to cut that down to something a little more reasonable for our users. I think the following would be quite useful for us:
1. Allow admins to lower the max send limit for mailboxes to a value that is more in line with the normal use of the mailboxes. Most students would never need to send more than 500 messages in a day, and setting the limit that much lower should reduce outgoing phishing messages by 90% from compromised accounts.
2a. Given the above, it would be nice if there were a policy that could be assigned by group membership, allowing admins to provide different max send limits based on the user's needs while still maintaining a reasonable max limit.
2b. Another useful feature would be if these policies for max send limit could be applied to internal and external messages separately. For example, maybe we could keep the max send limit for internal messages at the default but restrict the max send limit more for messages leaving the tenant/organization.
3. I know it's an available feature but since I'm here and it's relevant I'll mention it. We'd really like the ability to use the conditional login feature in the Azure P2 license. When we get a compromised account, more often than not, the account is used to phish others from outside the country. I know the P2 license offers the ability to restrict Office 365 logins in different ways, but with thousands of users we simply cannot afford it with the current price per user per month licensing model.
Dave Webster commented
2 years on and no feedback on this yet.
Add it to the list of other bad decisions with no feedback, like when they pulled the OWA app and we all lost shared mailboxes, or the constant churn of new funky GUIs that just don't work.
It's just another "it used to work" and now that option's been removed, and in its place you have this shiny new thing that half the time doesn't work.
Mac Edwards commented
Agreed! The ability to set lower send limits for certain users in our Organization would greatly minimize the impact of a compromised user. Also working at a University our students are a huge target, and cleaning up after a compromised account that sends thousands of messages could be mitigated by such a change.