Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow Settings for Message Expiration Timeout Interval and NDR

    For some error codes related to sending mails, the senders may receive the NDR immediately. However, for some other error codes, the mail server marks the undeliverable messages as a temporary error and the senders doesn't immediately receive an NDR. Instead, Exchange Online repeatedly tries to deliver the message over two days. Only after two days of unsuccessful delivery attempts does the sender receive this NDR.

    For some time critical businesses this is not acceptable. The user has to be informed very quickly (<6 hours) that his Mail was not delivered by now. Then the user can phone the recipient…

    511 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    53 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. User based per-domain safe sender and blocked sender lists not functioning with EOP

    Having recently undertaken a support case regarding a user and their safe sender and blocked sender lists and it's interaction with EOP it would be useful if the per-domain aspect of these lists functioned as advertised.

    We have been advised by Microsoft Office 365 support that only per-user (email address) exceptions override the EOP content filter rules and not per-domain. This contradicts what is stated at https://technet.microsoft.com/EN-US/library/dn636911(v=exchg.150).aspx

    This states that:
    Outlook safe sender and blocked sender lists – When synchronized to the service, these lists will take precedence over spam filtering in the service. This lets users manage their own…

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  3. In OWA Retention tags not included in a user's policy are available to them

    Personal retention tags have been created and assigned to a retention policy. This policy in turn has only been assigned to 5 users. These tags, though, are available in OWA for all users to select. They are not available in Outlook for Desktop (as they should not be).

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Exchange admin center: Message Trace actions

    We would like to see changes to the Message Trace function in Exchange admin center. We often see mailtraffic stuck on the status 'pending' for a while (hours) before being deliverd to the recipient. Or to take action on email with the status 'failed' or any other status.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. MSN and Bing Outlook not Working

    When I check my outlook mail it works when I check it with Bing or Msn they are unread

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  6. Admins to set telephone numbers for MFA

    For EMS, specifically for MFA, please allow the administrators to set the telephone number that must be used. This will enable the admins to restrict ability of users to set their own contact numbers.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. enable the adjustment of time zone for message trace tool

    Hello.I suggest the Time zone on the message trace tool should be adjustable for administrators.This will enable the administrators to view mails trace in their local time as real time.

    Thank you

    65 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  8. Improve message tracing in Exchange online

    We have had a lot of issues with spam, whether its cryptovirus emails getting through, or good emails getting improperly blocked. Because of this, we need good message tracing (to find the emails), which we do not feel we have with exchange online. We would like to make the following suggestions:


    1. Need to be able to trace further than 7 days back without a 4 hour wait per trace. Our previous message tracing system could go back the entire year nearly instantly, but we need at least 30 days without the 4 hour wait per trace. This was pitched as…
    593 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    23 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for taking the time to submit this feedback. Since there are multiple pieces and layers of feedback in this single post, it makes it more difficult than many to address. First, let us share a little about what we’ve been doing. Since this post was made, we have prioritized performance and reliability improvements for both Message Trace (inside 7 days) and Historical Search (typically outside of 7 days). We’ve added details to Message Trace that weren’t there before, decreasing the need to run Historical Searches inside of 7 days. For Historical Search, we have improved the results to be more clear for those who are not familiar with the Exchange Message Tracking log format. Additionally, while we get the total value of Message Trace, we’ve also prioritized reducing the constant need to search & destroy. We’ve made tremendous strides in effectiveness, even as the bad guys got more…

  9. Allow DKIM Setup with TXT DNS Records (see RFC-6376, RFC-4871)

    Currently it is only possible to Setup DKIM with CNAME records, but many ISPs around the globe don't support CNAME records with the "_" character in it. This might be wrong by RFC and is an issue.
    Nevertheless it is also wrong to bind setting up DKIM with only CNAME records.
    The mentioned RFCs suggest the usage of TXT records and so should Exchange Online also allow to use TXT records.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  10. In-Place Hold notification when recoverable items soft limit quota is reached

    It would be great to have a notification sent to the administrator setting the hold when the soft limit is reached in case of an indefinite In-Place Hold being set. For the time being the only option is to run a PowerShell script periodically to make sure the recoverable items folder is not full.

    As an addition, it would be great if a report is added in the Admin Center to view In-Place Hold information for one or multiple users such as storage consumed.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  11. Change deleted items retention tag reprocessing to use the date the item is deleted, not start date of mailbox retention tag.

    When a mailbox has a message retention policy to automatically delete items after 365 days, and a deleted item retention policy of 30 days, any message older than 30 days does not stay in the deleted items folder for 30 days, but is permanently deleted. Instead of recalculating the deleted item retention by the start date, recalculate the deleted item retention by the date the item was moved to the deleted items folder, plus 30 days.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  12. Implement correct filter option for junk mail blocked senders list in case of self spamming

    I have the problem that I get self spamming mails from my own domain. To solve that I added the senders address to the blocked senders list in the junk mail options.
    But as this senders domain is my own domain, because of self spamming problem, that mails are still delivered to the inbox.
    So it would be great if the junk mail filter options are fixed/changed so you can block also self spamming mail addresses.
    Thanks

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  13. POPUP WARNING BOX MDM Deactivation is unavailable

    Please provide a POPUP WARNING BOX that when activating MDM that there is no option to deactivate the MDM service once it's enabled

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Connect my EOP account to the malware submissions.

    The issue that we are having is to when we need to submit a file\email for review on the Malware site, we are required to sign in to check on the status. Our EOP account is not recognized to sign in. When we select to create a new account, and use the same email address, we get error that the address is already in use. We are a company and need to be able to have our EOP account linked to the Malware site since they both are needed to combat the malware issue.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add abilty to filter email with no PTR in EOP

    I recently had a request open to get assistance with filtering out messages with no PTR record to Junk or Quarantine. The response was that this currently can not be done in the current design. We had this capability with our previous email filtering solution prior to migrating to O365. Some spammers do not manage their PTR records so we have discovered this method to be very effective. Without this feature, EOP is inferior in protection than our previous vendor.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  16. DMARC Aggregate Reports from O365 Domains

    Ability for Office 365 to send DMARC Aggregate reports when set in a monitoring policy to see which aouthorised\unauthorised senders are using my domain suffix... just like other vendors are already doing.

    3,504 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    107 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  17. Option for excluding purged email with on-hold

    My legal department would like to use on-hold from day 1 on the user but they would like to exclude purged emails (deleted emails that only exist in eDiscovery). In law cases, deleted emails can be a burden (negative for the Company).

    So I would like to have an option that we can enable by powershell, (exclude deleted emails).

    I guess that this is very different regarding which sector the Company works in. So an option would be great to (deafault off)

    We can today do a setting that purges the email after for example 6 months (user can recover…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  18. Releasing a quarantined message sent to a group should only release to the releasing user

    Currently spam or malicious emails sent to a distribution group that are successfully quarantined can be released by anyone on the DL, and are then delivered to everyone.

    This results in many users receiving malicious emails due to a single user's error/curiosity.

    This behaviour goes against normal user expectations. Anyone releasing a mail assumes it would just be released to them, and does not consider it may be released to 100s of others at the same time.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Daily report about spam quarantine

    Receive daily mail about mail in quarantine (with "subject", "from" and "to")

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  20. Office 365 mail queue viewer and control

    It will be better if Admins get the option to view the mail queue in Office 365. We will have more control on the email flow if this option is enabled.

    532 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    34 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback.

    Today you can see messages which are “pending” in a queue through Message Trace feature. In the Mail flow Dashboard, you can see messages queued for more than an hour. We’ve also created alerting for this condition. Can you tell us what other things you need and what the scenarios look like / how commonly you need to perform the task?

    This would help us when evaluating this item further.

  • Don't see your idea?

Feedback and Knowledge Base