Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Phishing attacks using Office 365 compromised Accounts/ ATP safe links not working

    Hello Microsoft ATP Team,

    This is to bring to your notice that spammers/phishers have started targeting Office 365 Tenants which creates a mail loop between Office 365 hosted domains and these emails are getting circulated through which accounts gets compromised. We had a lot of incidences happening in our environment, As these emails are getting generated from the actual account hosted in Office 365 the email are considered to be safe and lands in users Inbox. We have ATP safe links policy in place however its not performing the job as expected. ATP is a great feature but we request…

    512 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      24 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
    • End User Spam Notifacation - Frequency

      Currently we can only have 1 email sent per day notifying the user they have spam in quarantine.

      The email is usually sent just after midnight so if the user does not check their quarantine it could be a full 24 hours until the use is notified that they have spam to release.

      Could I suggest that at least 3 times per day this email can be sent?

      Cheers

      355 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        42 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

        Thank you for your feedback. We have a clarifying question that would help us to prioritize this better: If you need notices 3 (or more) times per day, why use quarantine at all? Why not send the mails to a junk folder which the user can check on demand? If you want a notice each time any message gets quarantined, again, what prevents just sending the mails to a junk folder instead?

      • end user notification

        currently in EOP, when we enable the end user notification for quarantine emails, the minimum value is 1 day, which may cause the issue we may miss some important emails, we required that we may improve the feature to send notification every hour.

        12 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          8 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

          Please share with us more about how you use the product. For scenarios which require end users to regularly scan for false positives, we find that customers prefer to use Junk Mail folder instead of Quarantine. Is that an option for you? Also, have you investigated the causes of the false positives? Improper configuration is the cause of roughly half of all false positives.

        • Outbound email data should be used to assist in spam scoring

          Example: You and a customer have exchanged a series of emails back and forth and randomly an email will be held.

          The email addresses and domains (non free email providers) you have a history of sending email to should be a factor in the spam scoring and significantly reducing the likelihood that mail from that domain (less so) and email address (more so) are quarantined.

          8 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
          • Don't see your idea?

          Feedback and Knowledge Base