In Microsoft Security and Compliance > Threat Explorer, it allows you to export emails that you searched for based on different criteria. In the exports, it doesn't give you a list of the urls contained in each email. I would like to see this functionality.
It's helpful because sometimes a phishing campaign uses several different urls and currently there isn't an easy way to determine them without a lot of manual work.
This capability is available now. It is part of the exported CSV, with Column Title as “URLs”.
The recent addition of Mail Flow insights to the Security & Compliance centre is helpful. But the FORWARDING REPORT is missing the facility to DOWNLOAD the data, or to schedule the creation of a report on FORWARDING.
Can you please look at the option to either allow the data to be downloaded, or for a report to be created/scheduled.
The Audit Log's functionality in Office 365 is excellent but the logs are only held for ninety days rolling.
Due to this we are having to look at third party solutions to export the logs automatically, but this would be much easier if you extended the logging period out to a much longer period - years would be better than months.154 votes
see this article for details on enabling longer duration retention for audit logs: https://docs.microsoft.com/en-us/microsoft-365/compliance/audit-log-retention-policies?view=o365-worldwide
Would like an option when exporting O365 eDiscovery search results to select the size of the resulting PST(s). As of right now, eDiscovery exports results in ~10 GB PSTs and automatically splits large exports into multiple ~10 GB PSTs. This large PST size is causing processing delays in our other applications. Smaller PST exports, such as 2 GB PSTs, are ideal.4 votes
Recently one of my user's credential compromised and using his credential and intruder sent email containing a malicious link. The email directly delivered to other person as it was treated as internal email.
ATP by design doesn't apply safe link policy to internal emails. So I can clearly say it is a high security risk.
Internal user can also do it by intention or by unknowingly, which will in return damage the environment instead of having ATP in place.
So my suggestion is to apply the safe link policy to internal as well as external emails.
Manoj Malik147 votes
The ability to apply SafeLinks policies to intra-organizational mail is rolling out currently. Thank you for the feedback!
Please implement in ATP Safe Link a black list for single tenant where insert the bad urls that ATP not intercepts or the bad url that are malicious for the company47 votes
We resolved this in 2017. Additionally, today, you can now check and report links to us in Submissions Explorer (Security & Compliance → Threat Management → Submissions)
Forwarding in SMTP is fundamentally flawed unless you implement SRS.
If you maintain the Return-Path of the originating message while forwarding you effectively spoof the originating domain.
If you modify the Return-Path to be the address of the account that forwarded a message you break the Return-Path chain and delivery issues will result in the forwarded message Delivery Status Notification (DSN) being delivered to the forwarding user and not the original sender.
SRS resolves this by modifying the Return-Path in a way that doesn't spoof the originating domain but still allows DSNs to be sent to the original sender.647 votes
SRS support has now been rolled out to the entire Office 365 service.
Provide the facility to automate the production of audit reports (to CSV ideally) from the new Protection Center so that audit data can be downloaded on a schedule and then imported into a local SQL database for detailed reporting and analysis using Reporting Services for company board meetings. This is a genuine request from a client of ours due to the sensitivity of documents they hold so they need to be able to report at weekly board meetings on user activity6 votes
The Office 365 Management Activity API addresses the need to have an API to access audit and activity logs.
Need to change Exchange online Recipient Limits. The default value is 500 and can't be modified.
In this case, users are able to send bulk\Spam messages by selecting entire global address list.1,547 votes
See the public announcement here:
You should also be aware that we improved Outbound Spam Policies to grant additional flexibility:
Audit reporting to identify what documents our users have shared with external contacts form their OneDrive. This missing feature is holding us back from rolling out OneDrive and getting all it's benefits.53 votes
These events were made available a while back. In the UX, look in the activity picker for these events under the “Sharing and access requests activities” section.
- Don't see your idea?