Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  1. Don't rewrite URLs with ATP Safe Links

    How about letting ATP Safe Links run its policy rules before delivering the email to the tenant's mailbox, and don't mangle it at all if it passes the security checks? Some tenants use email-based software development, and ATP Safe Links are a pain to deal with.

    1 vote
    0 comments  ·  Spam & Phishing
  2. Administrators (or recipients) should be notified when emails are blocked within ATP like Phishing emails

    Valid emails can be blocked within these policies and the user does not get a notification - in some cases this can cause operational issues, e.g. meeting confirmations. Either notify the admins or give the users a 'No Action' type notification so they can at least contact their admins to look at the details of the email and consider a release.

    1 vote
    0 comments  ·  Spam & Phishing
  3. 1 vote
    0 comments  ·  Spam & Phishing
  4. 1 vote
    0 comments  ·  Spam & Phishing
  5. If sending to multiple recipients, it would be nice if the tool tip still appeared at the top of the message.

    ATP anti-phishing policy puts a neat Mailtip on top of the message for one recipient - if to many, it puts it in the footer in plain text, right after our disclaimer. That is pretty worthless.

    1 vote
    0 comments  ·  Spam & Phishing
  6. Dangerous behaviour of SPAM Whitelist

    If there are multiple senders in the SMTP header, the spam whitelist checks each of these senders, and if one is included, then the message is whitelisted. Sounds good.

    I have received some phishing emails that are whitelisted because the faked sender is in my whitelist.

    MAIL FROM: <wicked@spam.com>
    From: Display Name <good@wellknown.com> <wicked@spam.com>
    (no sender field)

    So, if I have <good@wellknown.com> in my whitelist, the mail would not be checked as spam. The mail, however, is sent from <wicked@spam.com>. It would be displayed as
    Display Name <good@wellknown.com> in Outlook.

    1 vote
    0 comments  ·  Spam & Phishing
  7. Reporting Phishing email/URL with Admin submission

    Admin submission is always completed as Verdict "not junk". However, the emails are 100% phish.

    Either check the emails carefully, or add an option like "Block similar emails and URLs".

    1 vote
    0 comments  ·  Spam & Phishing
  8. ATP scanning document dimension limit

    Extend the O365 ATP limit for SharePoint Online documents. Currently O365 ATP supports 25MB documents when scanning with SharePoint Online.

    1 vote
    0 comments  ·  Spam & Phishing
  9. Release Spam notification to user immediately

    We are a financial organisation.
    Transactions are time based. Cannot afford to miss emails.

    The spam notification to users is sent once a day.
    Hence, by the time the user receives notification that a message has been quarantined, the action time is breached.

    This can lead to regulatory penalties, litigation, loss of business and brand impact.

    The spam notification should be sent to the user as soon as the message is quarantined.

    1 vote
    0 comments  ·  Spam & Phishing
  10. Address zero width spaces used in URLs - Safe Links phishing

    This article highlights weaknesses in Microsoft Safe Links: https://thehackernews.com/2019/01/phishing-zero-width-spaces.html
    It also states that Microsoft addressed this on 9 January 2019.

    However, testing on 11 Jan, we were able to use zero width spaces within a URL. It appeared that the URL was still being checked by Safe Links, as it goes to "https://apac01.safelinks.protection.outlook.com/?url=https: ... ", but when the HTML source code was viewed it showed that Safe Links data verification failed, and the user was directed to the modified URL which originally had zero width spaces included.

    Can Microsoft please check this.

    1 vote
    0 comments  ·  Spam & Phishing
  11. ZAP failed due to user configuration - feature missing

    There was a feature in the compliance centre called "ZAP failed due to user configuration", which I used to have as a tab in the compliance centre. Clicking on that tab used to give me the list of users who have disabled their "Junk filtering" in Outlook. It vanished from the dashboard in Jan 2020. I would like to have that feature back, please.

    1 vote
    0 comments  ·  Spam & Phishing
  12. Enable users to read unauthenticated mails in Outlook Client after a warning

    Nowadays,
    When an email is received that did not pass sender authentication:
    - Outlook displays a '?' in the sender photo
    - User cannot read the email in Outlook 2016 with default O365 phishing policy

    The only possibility for administrators today is to either turn this strategy on (by default), or off.

    I would like to add a third possibility:
    - When clicking on the message to read it, the user is warned that the message did not pass sender authentication, but still has the option to read it:
    Are you sure you want to read this unauthenticated message Yes…

    1 vote
    0 comments  ·  Spam & Phishing
  13. 1 vote
    0 comments  ·  Spam & Phishing
  14. 1 vote
    0 comments  ·  Spam & Phishing
  15. Enable Administrators to set Spam Senders limit

    Currently the restricted users is set as below;
    30 messages in a minute
    10000 in a day
    or 500 recipients in one email

    It is currently not possible for this to be edited, and for many users this is far more leeway than needed - could this be changed to be configured per tenant (ATP or otherwise), or the general limits lowered? This has allowed a spam account to send over 8000 mail messages until we reset the password, by staying under 30.

    1 vote
    0 comments  ·  Spam & Phishing
  16. Stop blocking all links in emails from Norway’s #1 airline «Norwegian», impossible to check in etc.!

    Stop blocking all links in emails from Norway’s #1 airline «Norwegian», impossible to check in etc.!

    1 vote
    0 comments  ·  Spam & Phishing
  17. Allow us to toggle whether specific end-users may whitelist a quarantined email address.

    Allow us to grant end-users permission to whitelist emails that are sent to them but end up quarantined in https://protection.office.com/quarantine. It would be great to be able to allow some users this ability, but not all users. It would also be great to limit them to email sent to them only.

    1 vote
    0 comments  ·  Spam & Phishing
  18. Spam Complaints

    I maintain a large email database of corporate IT professionals who frequently change jobs. But their corporate email is maintained. Any emails sent are automatically re-routed to the person who took over their job. So they get emails which they didn't subscribe or opt-in to receive, through no fault on my end. Yet they sometimes report me (incorrectly) as a spammer to Microsoft, without telling me directly, and Microsoft refuses to tell me the email address. But how can I remove this problematic email address, which benefits no one, if Microsoft won't divulge the address?

    Microsoft should ask, from the…

    1 vote
    0 comments  ·  Spam & Phishing
  19. You are blocking a site I know is not a threat

    You are blocking a professional site I know is good. How do I get rid of you?

    1 vote
    0 comments  ·  Spam & Phishing
  20. Enable spam filtering based on more criteria than TCP/addressing

    In my Mozilla Thunderbird client I'm able to filter out a lot of spam by identifying key words. I'm also able to filter out people attempting to phish by verifying the name they claim matches the email address known for the individual. Our organization gets a lot of phishing attempts from people who scrape our homepage for the name of our CEO and then send mass emails claiming to be that individual. I could filter out 90% of those attempts if I could set the spam filter to check that the name of the incoming sender doesn't match the email…

    1 vote
    0 comments  ·  Spam & Phishing