Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Block Office Files with Macro's

    We are getting numerous malware attacks with zero hour Office files containing malicious Macro's, these are often blocked within 60-90 minutes but some are still being received by users. The signature is changing regularly so they aren't picked up by your scanners despite the original virus being around 12 months old.

    We do educate the users not to open them and Macro's are disabled, but blocking the content at the gateway would be better.

    Some of this functionality was available in Forefront for Exchange.

    112 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  2. eDiscovery capability in Exchange Online: A large discrepancy exists between the estimated size and actual size of an in-place eDiscovery s

    eDiscovery capability in Exchange Online: A large discrepancy exists between the estimated size and actual size of an in-place eDiscovery search of a users mailbox. The tool consistently estimates a much larger file size than what is actually produced. The conclusion is that the resulting file is missing data. In each case, Premier Support has recommended moving the users mailbox. Ticket numbers: 115102213294077, 115122113516279, 116011513591778

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  3. Office 365 email Queue Monitoring

    As an Admin of Office 365, there is no mechanism where we can Monitor the email Queue on the Office 365 for our tenant on a Proactive manner. This is the major concern for any email Admin.
    Microsoft sells SCOM to organization just to Monitor the Infra and on the other side they do not give such basic things to Office 365 tenants.
    Please help to provide such information on the Dash board.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Office 365 Mail Queue Monitoring

    As an Admin of Office 365, there is no mechanism where we can Monitor the email Queue on the Office 365 for our tenant on a Proactive manner. This is the major concern for any email Admin.
    Microsoft sells SCOM to organization just to Monitor the Infra and on the other side they do not give such basic things to Office 365 tenants.
    Please help to provide such information on the Dash board.

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow Exchange Admin Auditing retention to be increased past 90 days

    The commands Set-AdminAuditLogConfig -AdminAuditLogAgeLimit do not work on 365. We have a requirement to keep all admin logs for 3 years but this cannot be performed.

    239 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →

    At this point, the Office 365 service only allows for the retention of audit entries for 90 days. Can you provide us more information regarding your requirement to keep logs for 3 years. Is this a legal obligation? Please provide details around the specific audit entries you would like to retain for an extended period of time.

  6. Allow Settings for Message Expiration Timeout Interval and NDR

    For some error codes related to sending mails, the senders may receive the NDR immediately. However, for some other error codes, the mail server marks the undeliverable messages as a temporary error and the senders doesn't immediately receive an NDR. Instead, Exchange Online repeatedly tries to deliver the message over two days. Only after two days of unsuccessful delivery attempts does the sender receive this NDR.

    For some time critical businesses this is not acceptable. The user has to be informed very quickly (<6 hours) that his Mail was not delivered by now. Then the user can phone the recipient…

    506 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    53 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. User based per-domain safe sender and blocked sender lists not functioning with EOP

    Having recently undertaken a support case regarding a user and their safe sender and blocked sender lists and it's interaction with EOP it would be useful if the per-domain aspect of these lists functioned as advertised.

    We have been advised by Microsoft Office 365 support that only per-user (email address) exceptions override the EOP content filter rules and not per-domain. This contradicts what is stated at https://technet.microsoft.com/EN-US/library/dn636911(v=exchg.150).aspx

    This states that:
    Outlook safe sender and blocked sender lists – When synchronized to the service, these lists will take precedence over spam filtering in the service. This lets users manage their own…

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  8. In OWA Retention tags not included in a user's policy are available to them

    Personal retention tags have been created and assigned to a retention policy. This policy in turn has only been assigned to 5 users. These tags, though, are available in OWA for all users to select. They are not available in Outlook for Desktop (as they should not be).

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Exchange admin center: Message Trace actions

    We would like to see changes to the Message Trace function in Exchange admin center. We often see mailtraffic stuck on the status 'pending' for a while (hours) before being deliverd to the recipient. Or to take action on email with the status 'failed' or any other status.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. MSN and Bing Outlook not Working

    When I check my outlook mail it works when I check it with Bing or Msn they are unread

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  11. Admins to set telephone numbers for MFA

    For EMS, specifically for MFA, please allow the administrators to set the telephone number that must be used. This will enable the admins to restrict ability of users to set their own contact numbers.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. enable the adjustment of time zone for message trace tool

    Hello.I suggest the Time zone on the message trace tool should be adjustable for administrators.This will enable the administrators to view mails trace in their local time as real time.

    Thank you

    63 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  13. Improve message tracing in Exchange online

    We have had a lot of issues with spam, whether its cryptovirus emails getting through, or good emails getting improperly blocked. Because of this, we need good message tracing (to find the emails), which we do not feel we have with exchange online. We would like to make the following suggestions:


    1. Need to be able to trace further than 7 days back without a 4 hour wait per trace. Our previous message tracing system could go back the entire year nearly instantly, but we need at least 30 days without the 4 hour wait per trace. This was pitched as…
    571 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    23 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for taking the time to submit this feedback. Since there are multiple pieces and layers of feedback in this single post, it makes it more difficult than many to address. First, let us share a little about what we’ve been doing. Since this post was made, we have prioritized performance and reliability improvements for both Message Trace (inside 7 days) and Historical Search (typically outside of 7 days). We’ve added details to Message Trace that weren’t there before, decreasing the need to run Historical Searches inside of 7 days. For Historical Search, we have improved the results to be more clear for those who are not familiar with the Exchange Message Tracking log format. Additionally, while we get the total value of Message Trace, we’ve also prioritized reducing the constant need to search & destroy. We’ve made tremendous strides in effectiveness, even as the bad guys got more…

  14. Allow DKIM Setup with TXT DNS Records (see RFC-6376, RFC-4871)

    Currently it is only possible to Setup DKIM with CNAME records, but many ISPs around the globe don't support CNAME records with the "_" character in it. This might be wrong by RFC and is an issue.
    Nevertheless it is also wrong to bind setting up DKIM with only CNAME records.
    The mentioned RFCs suggest the usage of TXT records and so should Exchange Online also allow to use TXT records.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  15. In-Place Hold notification when recoverable items soft limit quota is reached

    It would be great to have a notification sent to the administrator setting the hold when the soft limit is reached in case of an indefinite In-Place Hold being set. For the time being the only option is to run a PowerShell script periodically to make sure the recoverable items folder is not full.

    As an addition, it would be great if a report is added in the Admin Center to view In-Place Hold information for one or multiple users such as storage consumed.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  16. Change deleted items retention tag reprocessing to use the date the item is deleted, not start date of mailbox retention tag.

    When a mailbox has a message retention policy to automatically delete items after 365 days, and a deleted item retention policy of 30 days, any message older than 30 days does not stay in the deleted items folder for 30 days, but is permanently deleted. Instead of recalculating the deleted item retention by the start date, recalculate the deleted item retention by the date the item was moved to the deleted items folder, plus 30 days.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  17. Implement correct filter option for junk mail blocked senders list in case of self spamming

    I have the problem that I get self spamming mails from my own domain. To solve that I added the senders address to the blocked senders list in the junk mail options.
    But as this senders domain is my own domain, because of self spamming problem, that mails are still delivered to the inbox.
    So it would be great if the junk mail filter options are fixed/changed so you can block also self spamming mail addresses.
    Thanks

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  18. POPUP WARNING BOX MDM Deactivation is unavailable

    Please provide a POPUP WARNING BOX that when activating MDM that there is no option to deactivate the MDM service once it's enabled

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Connect my EOP account to the malware submissions.

    The issue that we are having is to when we need to submit a file\email for review on the Malware site, we are required to sign in to check on the status. Our EOP account is not recognized to sign in. When we select to create a new account, and use the same email address, we get error that the address is already in use. We are a company and need to be able to have our EOP account linked to the Malware site since they both are needed to combat the malware issue.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add abilty to filter email with no PTR in EOP

    I recently had a request open to get assistance with filtering out messages with no PTR record to Junk or Quarantine. The response was that this currently can not be done in the current design. We had this capability with our previous email filtering solution prior to migrating to O365. Some spammers do not manage their PTR records so we have discovered this method to be very effective. Without this feature, EOP is inferior in protection than our previous vendor.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base