Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Phishing attacks using Office 365 compromised Accounts/ ATP safe links not working

    Hello Microsoft ATP Team,

    This is to bring to your notice that spammers/phishers have started targeting Office 365 Tenants which creates a mail loop between Office 365 hosted domains and these emails are getting circulated through which accounts gets compromised. We had a lot of incidences happening in our environment, As these emails are getting generated from the actual account hosted in Office 365 the email are considered to be safe and lands in users Inbox. We have ATP safe links policy in place however its not performing the job as expected. ATP is a great feature but we request…

    554 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    26 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

    ATP does not consider mails from other Office 365 tenants, or even mailboxes inside of your tenant, as safe. The best way to put a stop to this is to follow the recommendations in SecureScore for your tenant; and report phishing mails to us promptly. Also, make sure that the sender is not allowed either by the tenant configuration or the user safelist.

  2. Allow disabling of SPF checks

    As a user using both a dedicated security based ESP (Mimecast) with Office 365 Exchange, I have no need for many of the Office 365 security features.

    Most annoyingly is the fact that forwarding from my ESP fails the Office 365 SPF checks, because the sending domain doesn't match the IP range of the source any more.

    I wouldn't mind except Office 365 won't even allow me to disable SPF checking!

    This means a typical message is stamped with an SPF 'pass' from Mimecast and an SPF 'fail' from Office 365.

    This in turn could interfere with anti-spam rules within…

    98 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  3. User based per-domain safe sender and blocked sender lists not functioning with EOP

    Having recently undertaken a support case regarding a user and their safe sender and blocked sender lists and it's interaction with EOP it would be useful if the per-domain aspect of these lists functioned as advertised.

    We have been advised by Microsoft Office 365 support that only per-user (email address) exceptions override the EOP content filter rules and not per-domain. This contradicts what is stated at https://technet.microsoft.com/EN-US/library/dn636911(v=exchg.150).aspx

    This states that:
    Outlook safe sender and blocked sender lists – When synchronized to the service, these lists will take precedence over spam filtering in the service. This lets users manage their own…

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  4. To allow more than 30 messages per minute maybe up to 50?

    Currently office365 has a messaging limit of 30 per minute. It would be idial to have this increased to maybe at least 50 per minute.

    71 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

    The referenced limits only apply to hosted mailboxes. These limits are in place to prevent abuse on multiple fronts (unlike some limits, this is not simply a matter of adding capacity, since spammers would also be able to take advantage of higher limits). For applications which need to send bulk email, it is not necessarily a current best practice to use an Office 365 hosted mailbox.

    One issue with the suggestion is that while 50 may be enough for your company’s application today, it may not be enough in the future, or for someone else — how much is enough?

    We will certainly periodically re-visit all limits in the service as we have consistently done, and raise those which we can raise. We are certainly considering all options including future features & offerings. However, at this time, we feel that using a bulk mailer or on-premises server for mass email…

  5. Ability to disable or enable Office365 Mail Protection

    I am not a fan of mail protection or its administration in a Hybrid environment and would prefer to use a mail-filter device.
    This is especially a pain due to the fact that legitimate messages are being sent to the Junk E-Mail folder by mail protection.

    161 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

    @Anonymous: This can be accomplished. Please see instructions and more important information here: https://technet.microsoft.com/EN-US/library/jj937232(v=exchg.150).aspx Before you do, you may want to verify that the mails are being marked as junk by EOP vs. Outlook SmartScreen filter. You may want to verify this by disabling Outlook SmartScreen under Junk Email Options. A large number of false positives which are reported to us fall in this category. A support ticket is highly recommended to assist. EOP performance is among the leaders, but any spam solution requires proper configuration.

    @Leigh: It seems that you may not be asking for disabling EOP. You are asking to be able to disable the Outlook feature. This can also be done, but again, we would highly recommend a support ticket. EOP can return emails to sender if the sender is on a block list, but it never deletes emails unless you tell it to, and typically…

  6. Actually allow the SPF record hard fail and NDR backscatter hard fail to actually initiate a hard fail.

    We received a blatant phishing attempt which should have been classified as spam as the headers easily showed that the message itself did not originate from the legitimate sender. After sending the headers to Microsoft Engineers they stated that sometimes the message will still come through even though the SPF record hard fail flag was enabled in EOP.

    If you are going to call something a hard fail, it should act as if it were a hard fail, blocking the message entirely.

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

    We highly recommend using DKIM and DMARC in addition to just SPF. That said, this may be best worked via a support ticket so individual messages can be analyzed. As mentioned, it is completely possible that the issue is because of a whitelist or rule.

  • Don't see your idea?

Feedback and Knowledge Base