Remove Limit of 60 users for New Anti-Phishing Policy
Why is there a limit of 60 users that can be added to the new Anti-Phishing Policy? I would expect to have this very important feature available to ALL of our O365 users. Please remove this limitation so that we can add ALL of our O365 users to this new Anti-Phishing Policy
This is pretty critical as a large organization is already limited with only 60 executives supported but if we can only make 60 exceptions that simply isn't enough between personal email addresses and other external users that happen to have the same name.
Andrew Grant commented
I agree. While unlimited might be a bit much, 60 seems a bit low. This can already be done in part via transport rules (only allowing users with certain display names to send from inside the organization). Also, there should be a way to add multiple users to the impersonation policy easily. Had to write a script that would pull the users from get-mailbox and then manually filter from there to get this done in a reasonable amount of time.
I feel like "all" might be a bit much in terms of chasing down false positives, but it should certainly scale. A small business with 200 people is not the same as a large organization with 100,000 or more. I don't even mind if they gate-keep it through support channels and limit it to 0.5% of users or whatnot.
Aline V. commented