Feedback by UserVoice

How can we improve compliance or protect your users better in Office 365?

← Office 365 Security & Compliance

DMARC Aggregate Reports from O365 Domains

Ability for Office 365 to send DMARC Aggregate reports when set in a monitoring policy to see which aouthorised\unauthorised senders are using my domain suffix... just like other vendors are already doing.

3,598 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Jade shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

108 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • David commented  ·   ·  Flag as inappropriate

    I feel this a major omission on the email handling side. My DMARC monitoring receives the majority of its reports from Google and nothing at all from 365 domains. Since most of my customers are based on 365 this means I have no DMARC data showing if my customers might be impacted by abuse of my domain. I am confident the 365 filtering will respect my DMARC policy, but I'd love to have the data as evidence that is actually happening.

  • Chris Lewis commented  ·   ·  Flag as inappropriate

    We had a major spoofing campaign on our domain - thousands of spam emails sent from our domain. I couldn't set the DMARC policy to quarantine because I have NO visibility into our "good" emails to know that things are configured correctly. I didn't want to risk quarantining our good emails too. Not getting DMARC aggregate reports renders DMARC practically useless for O365 domains.

  • Davide Pagnin commented  ·   ·  Flag as inappropriate

    In 2020 it seems incredible that MS has not yet re-enabled DMARC reporting from 2017, when they stopped reporting them. Please Re-Enable reporting. Do the right thing for mail security of everybody. Please.

  • Chris Evans commented  ·   ·  Flag as inappropriate

    A renewed sense of urgency needs to be applied to this.
    With such a massive market share, not getting DMARC reporting from Office 365 undermines the legitimacy of every single DMARC Aggregator and reporting tool available.
    This needs to be done, yesterday

  • Ronald commented  ·   ·  Flag as inappropriate

    In a few months, we're living in the year 2021. Pandemic going on. Loads of people working from home, and Phishing has never been as big a problem as it is now, and it will continue to grow.

    Microsoft, please put a number of people on this. We really, really, really, really need the visibility to go from p=quarantine to p=reject.

    We cannot do that without reporting from Office 365. Please do your part. Enable DMARC reporting!

  • Anonymous commented  ·   ·  Flag as inappropriate

    Please implement this ASAP, we are completely in the dark with regards to DMARC on Microsoft addresses! Currently getting lots of spoofing on our domains and even with reject=100 the emails are still getting through...need to see what's happening.

  • Ranjit Kumar commented  ·   ·  Flag as inappropriate

    please implement DMARC for O365 mails. This is really consuming more effort to tackle daily spam mails.

  • Qub commented  ·   ·  Flag as inappropriate

    you really need to hurry up, yesterday I got scam email. he's blackmailed me to transfer some bitcoin. He claimed already hack my computer (I know this is bullshit) but 3 years I was using gsuite I never got any scam email like this. I only receive email from my client and organization. everything change after I start using office365.

  • Brandon commented  ·   ·  Flag as inappropriate

    We are currently in IL2 and ready to move to IL5, hoping that this DMARC feature will be available ASAP. WE needs the ability to analyze the RUA and RUF reports in friendly format. Please make it happen and provide ETA for all of us within the GCC.

  • Anonymous commented  ·   ·  Flag as inappropriate

    As DMARC gains popularity 365 is becoming a a blackhole with respect to DMARC and this reflects badly on 365 customers. This does need to be addressed by Microsoft if the industry is tackle email misuse.

  • TimA commented  ·   ·  Flag as inappropriate

    From what I have heard, this worked until the migration of Hotmail into ExO

  • Jon Hilmar Edvardsen commented  ·   ·  Flag as inappropriate

    As you are (finally) implementing the IETF rfc7489 standard please respect it fully, so that you start treating Policy=Reject as Reject, and not as Personal User Quarantine, as is your current implementation.

  • Brian Geng commented  ·   ·  Flag as inappropriate

    I would like to add my voice to request Microsoft add DMARC reporting to their platform. It's shocking to me that they don't already have this in place.

  • Andrew W commented  ·   ·  Flag as inappropriate

    Microsoft would you hurry up? Email fraud has never been bigger and you are missing in action here at an otherwise very useful standard to help people and organisations protect their identities.

  • Ronald commented  ·   ·  Flag as inappropriate

    @Sean S: Is there any update to be given? A hint for a planned ETA possibly?

  • Ronald commented  ·   ·  Flag as inappropriate

    This is what i wrote a four months ago:

    In a few day's, we're living in the year 2020. Phishing has never been as big a problem as it is now, and it will continue to grow. Microsoft, please put a number of people on this. We really, really need the visibility to go from p=quarantine to p=reject. We cannot do that without reporting from Office 365. Please do your part. Enable DMARC reporting!

← Previous 1 3 4 5 6

Office 365 Security & Compliance: Spam & Phishing

Categories

Feedback and Knowledge Base

(thinking…)

Related Sites