Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾ Check out the ideas others have suggested and vote on your favorites
◾ If you have a suggestion that’s not listed yet, submit your own (25 words or less, please)
◾ Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  1. Quarantine Preview with no interaction

    We are looking at letting our end users begin managing their own quarantined messages. One thing we noticed, that we like much better about management in the Exchange Online Portal, is that when you click to preview the quarantined message in HTML format, you get a warning. This is no longer available in the S&C portal, as well as the message now opens in HTML format rather than text format by default. Could we get that warning back?

    To take things one step further, how much trouble would it be to have the message open in a true preview mode,…

    1 vote
    0 comments  ·  Spam & Phishing
  2. Add an unsuppress option for the Office 365 Security and Compliance portal emails.

    Add an unsuppress option for the Office 365 Security and Compliance portal emails.

    1 vote
    0 comments  ·  Spam & Phishing
  3. There should be a dedicated mobile app to manage your quarantine and junk mail settings.

    Managing quarantined messages from a mobile device is very difficult. The digest message is unusable from the native iOS mail client. Visiting the quarantine site from a mobile phone is non-functional. There should be a dedicated app where you can easily manage your messages in the quarantine. Ideally there would be an easy interface to also manage your black and white lists.

    1 vote
    0 comments  ·  Spam & Phishing
  4. Report Message add-in Organizational Automation

    Would like to use Report Message add-in to automate organizational alerting and “immunity” for flagged phishing emails. Ideally, if one user flags an email as malicious, would like to automate heightened alerting for any other users who received the same email or an email from that sender. For example, employee 1 (E1) & employee 2 (E2) both receive the same phishing email. E1 identifies the email as suspicious and flags the email using Report Message Add-in. E2, who has not yet reviewed the email, will have that email flagged in their inbox to alert them to use extra caution. I…

    1 vote
    0 comments  ·  Spam & Phishing
  5. quarantine

    Please allow access to the new quarantine page in the S&C (protection.office.com/quarantine) without an EXO license.
    Accessing the new quarantine page without EXO license results in error: request: /api/quarantinemessage/querymessage
    status code: 500. An EXO license isn't required for the quarantine page in the EAC, but it will retire soon.

    1 vote
    0 comments  ·  Spam & Phishing
  6. Improve International Spam Filtering

    In our troubleshooting with MS to reduce a flood of approx. 11,500 spam / unsolicited email messages for a particular user, we've implemented International Spam filtering (regional filter). This setting checks to see if the IP address sending the emails is from a specified region.

    We recommend this setting also include blocking the top level domains (TLDs), or at least that verbiage that this is a geolocation type of technology (IP address, etc.) be added (i.e., tool tips, support documentation, etc.).

    1 vote
    0 comments  ·  Spam & Phishing
  7. Quarantine "Not yet released to" should be near the top of the page

    The "Not yet released to" field would be better near the top of the page instead of at the bottom so you don't have to scroll down to see who the email is going to be released to.

    1 vote
    0 comments  ·  Spam & Phishing
  8. 1 vote
    0 comments  ·  Spam & Phishing
  9. 1 vote
    0 comments  ·  Spam & Phishing
  10. Improve interface of the Intelligent Mailbox protection

    The Office 365 Anti phishing default policy has options for adding users despite the documentation saying that the default applies to all users? This is very confusing.

    1 vote
    0 comments  ·  Spam & Phishing
  11. Multi Factor Authentication and App Passwords cannot be deployed in my organization.

    We are an IT department of 6 that support 1,235 end users. We recently had a handful of users click an illicit link and had their O365 accounts hijacked by an unknown 3rd party. The simple answer to this problem is to enable Multi-Factor-Authentication. Our end users do not have the patience nor the technical knowledge to even consider using App-Passwords. They can barely keep track of one password let alone a different password for every device they own. We NEED multi-factor-authentication but training end users, making them use app-passwords, maintaining current hardware and devices, and adding future devices is…

    1 vote
    4 comments  ·  Spam & Phishing
  12. language

    While creating a new policy, the ability to select multiple languages or countries under International Spam has been removed. Previously under the Exchange Admin Centre you could select multiple languages and countries.

    1 vote
    0 comments  ·  Spam & Phishing
  13. One Drive - Report Malicious Content

    How about this?
    The ability to report malicious One Drive accounts and files...wait for it.........IN ONE DRIVE. On the same page as the file! Brilliant, I know. This is a basic request that should have been present at the launch.

    1 vote
    0 comments  ·  Spam & Phishing
  14. Add a policy to have a maximum number of characters in an email address (max 25)

    Our organisation is getting numerous emails where the email address extends to more than 25 characters long before the @domain.com. I'd like to see a feature where we can set a maximum amount. This way, it will alleviate these email addresses from being delivered. We cannot block domains from this group because it comes from a group of known domains in which we cannot just block it.

    1 vote
    0 comments  ·  Spam & Phishing
  15. would like to mark any messages inbound and outbound with 80+ messages as SPAM and allow them the option to select which messages are allowe

    I'd like to mark any messages inbound and outbound with 80+ recipients as SPAM and allow them the option to select which messages are allowed to be delivered with 80+ recipients and which are not.

    1 vote
    0 comments  ·  Spam & Phishing
  16. Add Safety Tips tab in Anti-phishing Policy

    From Damian - Configuring Safety Tips for Anti Phishing
    https://www.powershellgeek.com/2020/06/05/configuring-safety-tips-for-anti-phishing/

    Add Safety Tips tab in Anti-phishing Policy instead of the link 'Turn on impersonation safety tips' in Actions tab

    1 vote
    0 comments  ·  Spam & Phishing
  17. How about you use SPF records to verify the validity of a mail server like the rest of the industry?

    We moved our client to a new internet connection and changed their MCX and SPF records accordingly (both records had a TTL of 60 seconds). 3 hours later, they told us O365 was blocking them. A check of industry blacklists and SPF validity tests indicated no one else had a problem receiving their mail, it was just O365 being special.

    1 vote
    1 comment  ·  Spam & Phishing
  18. Change 2FA+Login process to prevent phishing

    2FA can be used to prevent phishing if a change to the login and 2FA process is applied to online login portals. The login page must load only the username field statically. The username is submitted and if found in the database an OTP is sent to the user. Once OTP is successful the password field gets loaded dynamically, the password is entered and the user authenticates. A spoofed website will not be able to simulate the 2FA, so once users are aware of the new authentication method they will be able to identify the spoofed page before they enter…

    1 vote
    0 comments  ·  Spam & Phishing
  19. ATP (Advanced Threat Protection) cannot prevent malware, phishing mails, etc. Is there any service which we can inform about these mails?

    ATP (Advanced Threat Protection) sometimes cannot prevent malware, phishing mails, etc. Is there any service which we can inform about these mails?

    1 vote
    0 comments  ·  Spam & Phishing
  20. Add more data to safe links malicious url click

    With the arrival of AIR to Security and Compliance we have noticed that there is no correlating data for when a user clicks on a Malicious URL. For example, if someone were to run a Safe Link through VirusTotal or urlscan without first sanitizing through o365atp it would count as a click for the user. If we were able to see IP address etc. at time of click it would be more helpful in determining exposure vs. false positive.

    1 vote
    0 comments  ·  Spam & Phishing