Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Is there any virus scan being run?

    Can you scan incoming emails for attachments containing malware? When we used Websense, they scan and blocked them all. With Microsoft "security" they are flying in like a knife through tissue and into my user's mailbox.

    MS tech support has me block the sender's ip address after the email has flooded the office, but the blatant stupidity of such a solution needs no further discussion.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  2. Increase Message Trace Limits

    Increase Message Trace limits from 5000 and 3000 (for detailed traces). Either increase the limits by default or allow a certain number of traces that include larger numbers of messages.

    Certain organizations rely heavily on running message traces for all of their messages.

    It is a requirement for our client to be able to trace all of their messages with detailed information and it's a clumsy solution to have to create a trace for every day out of the past 90 days (which they must do because they send and receive more than 3000 messages within a couple of days).

    240 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    15 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  3. Show All Devices Connected to Outlook App

    Activesync allows full visibility of devices connected to a single account (iPhone & iPad) and functionality to block or wipe individual devices. Outlook shows one account for any device connected to it.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. A very simple and effective tool to backup a email folder

    Provide a simple standalone tool to export a folder to a mbox file. The input should be the username/password and the folder to backup and the output should be a mbox file with all emails from the specified folder.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Wildcard URL broken with EOP ATP

    If Advanced Threat Protection is enabled and Safe Links policy is turned on, then incoming clear text URL links are broken if they contain wildcard mask.

    We simply buy certificates from third party CA for wildcard type of like ".domain.com". Safe Links broke this to ".https://emea01.safelinks.protections.outlook.com/?url=domain.com" in simple text field area.

    This should be better handled.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. fix the ATP bug

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  7. Block attachments with no file extension via the anti spam setup

    in this world of ever increasing ways to dupe organisations into giving away confidential information, one way for us to stop unwanted emails would be to have the ability to block emails that have no file extension

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  8. Reduce the delay of non-delivery service for domain erro. The current delay is 48 hours, it is too long. 2 hours is a good time.

    Reduce the delay of non-delivery service for domain error. The current delay is 48 hours, it is too long. 2 hours is a good time.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  9. A page that shows all IP addresses used to access the account.

    In gmail you can go to SIgn-in & Security and it shows all activity. Not only the IP address, but, the name of the machine or device that connected. MS should add a similar feature.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow disabling of SPF checks

    As a user using both a dedicated security based ESP (Mimecast) with Office 365 Exchange, I have no need for many of the Office 365 security features.

    Most annoyingly is the fact that forwarding from my ESP fails the Office 365 SPF checks, because the sending domain doesn't match the IP range of the source any more.

    I wouldn't mind except Office 365 won't even allow me to disable SPF checking!

    This means a typical message is stamped with an SPF 'pass' from Mimecast and an SPF 'fail' from Office 365.

    This in turn could interfere with anti-spam rules within…

    131 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  11. E-Discovery Search to exclude Voicemail messages

    Due to confidential voicemail messages in mailboxes, can there be an option in the new e-Discovery search to filter out by voicemail message. I understand that you can specify searches by keywords, but if there is a build in feature in e-Discovery to exclude voicemail, this can prevent man made mistakes when performing searches.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  12. Export tool on Compliance search

    Export tool on the new compliance search (azure)

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  13. SPAM being identified and yet forwarded to 3rd party applications

    Improve SPAM re-production when emails are forwarded to 3rd party email platforms.

    We've got a SPAM email filtered by Office 365, but at the same time forwarded (by rule) to 3rd party email platform. Microsoft said this is a flaw on design and are looking to improve user experience. In short: If Office 365 identifies email as SPAM, no point in forwarding it right? I believe Admins are well aware how to trace where the email got stuck.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add "90 days" to Message Trace date range options

    I frequently use Message Trace to look at the activity for a particular distribution group or recipient to determine if it's no longer in use. It would be helpful if one of the date range options was simply "90 days" or "Maximum" so that I don't have to fuss with the calendar each time in order to pick the maximum query window. If the form can already tell me "You picked a date range longer than 90 days", then either it shouldn't even show me invalid days on the calendar control, or it should simply offer me a shortcut option…

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  15. Custom NDR sending postmaster pr domain

    When using multiple domains, the default domain is used as postmaster-domain (so NDR are sent from postmaster@defaultdomain.com). This is not always wanted, especially if the domains not shall be related to each other. It should be possible to assign a sender for the NDR on domain-basis.

    47 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  16. 2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Support OSX + other browsers for Mailbox Export to PST

    Currently, to export a mailbox as a PST file, you need to use a windows machine and use IE/Edge browser. You need to build out support for OSX and other browsers so businesses can use whatever hardware/software they use instead of only the one option.

    70 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  18. Compliance Center Issues

    I have been doing a lot of testing with Search in the Compliance Center against OD4B sites in SPO. We are a very large origination (55,000+ users) and currently have over 24,000 OD4B sites. The admin center in the Compliance Center is limited but does work as advertised to some extent. I can search and retrieve the first 200 items for preview. It is a bummer that the preview or entire results from the query can't be exported here. That led me to move to PowerShell using the Compliance Center commandlets. I am very disappointed in it's current function. I…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  19. Block Office Files with Macro's

    We are getting numerous malware attacks with zero hour Office files containing malicious Macro's, these are often blocked within 60-90 minutes but some are still being received by users. The signature is changing regularly so they aren't picked up by your scanners despite the original virus being around 12 months old.

    We do educate the users not to open them and Macro's are disabled, but blocking the content at the gateway would be better.

    Some of this functionality was available in Forefront for Exchange.

    119 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  20. eDiscovery capability in Exchange Online: A large discrepancy exists between the estimated size and actual size of an in-place eDiscovery s

    eDiscovery capability in Exchange Online: A large discrepancy exists between the estimated size and actual size of an in-place eDiscovery search of a users mailbox. The tool consistently estimates a much larger file size than what is actually produced. The conclusion is that the resulting file is missing data. In each case, Premier Support has recommended moving the users mailbox. Ticket numbers: 115102213294077, 115122113516279, 116011513591778

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base