Office 365 Security & Compliance
We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.
Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!
How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post
Thanks for joining our community and helping improve these features in Office 365!
Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.
-
SMTP Protocol Logs availability
SMTP Protocol logs are an invaluable tool when troubleshooting message delivery in on-premises Exchange Server.
I have just had a support case closed because Office 365 support cannot provide SMTP Protocol logs and I'm stuck, not able to determine the cause of a mail flow issue without the logs. The only option for send/receive information on a particular message is advanced message trace, which does not provide details of the message conversation.
Can you provide a way for admins to request these logs from the Office 365 support team, if not provide a way to access them via Remote PowerShell?…
222 votesAs Exchange Online operates in a multi-tenant configuration, protocol logs include connections from multiple customers. Unlike Message Tracking Logs, these logs are not attributed to a specific tenant at a protocol level, therefore there is no way extract a single tenant’s logs. We provide Message Trace as the best way of tracking the messages that pass through our service.
For connections from your own servers to our service, you do have the ability to analyse your logs which would mirror our own front door protocol logs. Message Trace would then take over for messages that were accepted by our service.
For support cases, protocol logs can be searched for as part of tracking down an issue for an instance of an issue, however support cannot provide customers with their protocol logs for them to do their own investigation.
We understand that admins have much less control of what happens to…
-
Stop using the Spamhaus PBL and XBL blocklists on mail submitted by *authenticated* users
Microsoft use various Spamhaus blocklists for filtering incoming mail. As an Office 365 user myself, I am grateful for this, as without such tools I'm sure I would receive a lot more spam.
However, today I discovered that an email from one Office 365 user to another Office 365 user was rejected because the sender's IP was on the Spamhaus PBL and XBL lists. The IP address was not on the SBL list. Please note that the message was submitted using an Exchange client with their Office 365 username and password. It was not submitted by SMTP.
If I understand…
90 votesOffice 365 uses Spamhaus PBL & SBL only for rejecting unauthenticated mail servers which are trying to deliver to or relay through Office 365.
The XBL is used to prevent authenticated clients, but ONLY if the tenant is a new/trial tenant. To resolve issues caused by the XBL, simply convert to a paid license and remove the trial. It may take 1-2 days for the system to pick up this change, but paid customers should have no issues with XBL. If you are a paid customer and are affected, please contact our support who can check the backend to make sure your licenses are correct. Occasionally a system may get out of sync and you will need to get support to dig into the problem with our engineering team.
This check is done as one of many things we have to do to control abuse.
-
Advanced Threat Protection Plan
Wanted to ask if Microsoft have any plans to add "Advanced Threat Protection" to the rest of the Office 365 plans instead of just the Enterprise E5 plan only? I think it would be a wonderful addition to all the plans to have this active to protect end-users emails. The URL Detonation and Dynamic Delivery functions are needed in the rest of the plans and they add great functionality for all.
Thank you.
2 votesATP is available as two add-ons to any plan, ATP P1, or ATP P2. There are other bundles which do include ATP as well, depending on your channel & geography.
-
Audit log Deletion for administrators
Good Day,
We have Audit logs in Exchange admins settings. I tried to delete that logs but i could not. Support team says that due to security reasons that function have only developers team. And client cannot contact developers team. We are clients and we should have that ability . If official request should be made we are ready to make that request.1 voteOffice 365 does not allow for the deletion of Audit logs. In addition, audit entries are save for 90 days.
-
Activate One Drive personal vault in office 365 business
One Drive personal vault is currently available in OneDrive home and personal plans. It could be usefull to activate this solution on Office 365 business to improve for example the security of mobile device.
1 votePlease submit this in the OneDrive uservoice forum.
-
Deprecation of TLS 1.0 and how you can help your customers with this change
I have a request which I imagine will benefit a number of your customers.
As you know, O365 no longer supports sending email to legacy Exchange (2003 and older) systems on Windows Server 2003 running TLS 1.0. ( See these articles:
http://bit.ly/1JoVsJT
http://bit.ly/1gkfSK6
http://bit.ly/1IgpknD )Unfortunately, we have a client that is running such an environment and we are unable to send them email. If you wish to see details, the SR is SRX615081193192636ID.
We have encountered around a dozen other clients who’s email systems do not support TLS at all. For these cases, I have configured a rule which…
1 vote -
Archiving in Outlook and Exchange Online should be more integrated.
For SOHO users. When I changed to Office 365 and Exchange Online I kept my archiving in Outlook. It was always there and I did not know about In-Place Archive. Such users should be informed about in-place archive and possibly the .pst archive should be moved to the Online Archive instead of the single machine Outlook Files folder. At the moment I move my archive.pst file to the Online Archive. I must say sofar the search unction in my email is much more robust.
1 voteThank you for your feedback. At this time, Office 365 provides an enterprise solution for Administrators to leverage our Import Service to import users PST files to their Office 365 mailbox archive. Unfortunately, we don’t highlight the benefit of leveraging the mailbox archive at the end-user level. However, this feedback will be taken in consideration for future product improvements.
-
at this moment office 365 doesn’t have the functionality to automatically convert any outgoing mail attachment as ZIP file with password pro
at this moment office 365 doesn’t have the functionality to automatically convert any outgoing mail attachment as ZIP file with password protection.
In terms of compliance purpose, it is better to add this functionality. Because at this moment if we want this functionality to then I guess we have to go with some sort of third party tools which will be involve cost and human resource. So as a client of office 365 I and my company desire is to have that sort of functionality within office 365 itself1 voteThank you for your feedback but we aren’t able to accommodate your request at this time.
-
separate sending IP addresses for tenants
It would be nice to have separate sending IP addresses for every different tenant. This way SFP rules won't assume that email from compromised O365 tenants are safe.
1 voteAs we are focusing on providing a shared cloud solution, this ask does not fit in with those plans.
- Don't see your idea?