I have a requirement from a large customer (85K users) that needs to be able to perform eDiscovery collections for specific Outlook folders. We can do date range and Full Mbx collections, but not specific folders. This was possible on-premises, but not in Exchange Online ????

As a Partner I have access to the tenant of my clients. I'm not able to see the score of my clients tenant and check easily what changes need to be done and discuss this with my clients.
I can only do this when I have an separate admin account of the clients tenant.
Now with the integration of secure score into the compliance center shows a widget of the score but not the actions that needs to be taken. Please integrate the full secure score

Fix DMARC implementation to match the RFC 7489 defined behaviour for p=reject and p=quarantine.
Current behaviour p=reject messages are quarantined???

Currently users with the ediscovery role can run search for content and download that content. Using the New-ComplianceSearchAction -purge -softdelete you can delete this content (which we use for deleting spam or malware emails out of mailboxes). We do not want our security operations team to use powershell to complete these deletes so we have to write a gui to provide this functionality. Please enable the ability to complete deletes within the SCC itself

Want to bring network location-based conditional access policy to not only SharePoint but also the whole of office365.

Safelinks currently requires you enter each url you'd like to allow through. I'd like to have safelinks allow a wildcard domain. for instance we get many emails from our own systems pointing to internal urls. sometimes those emails get distorted because the url's are listed in plain text and replaced with the safelink.

I'd like to allow wildcard https://*.mydomain.com/* to allow domains such as web.mydomain.com/page and test.mydomain.com/stuff to go through with by making one simple rule vs theoretically hundreds.

We are getting numerous malware attacks with zero hour Office files containing malicious Macro's, these are often blocked within 60-90 minutes but some are still being received by users. The signature is changing regularly so they aren't picked up by your scanners despite the original virus being around 12 months old.

We do educate the users not to open them and Macro's are disabled, but blocking the content at the gateway would be better.

Some of this functionality was available in Forefront for Exchange.

The new version of OME that is now more integrated into AIP, needs to have an encrypt only option such as you can configure using the message classification configuration.

The DNF use case is too restrictive for our organisation.

Thank you for consideration.

When applying the new unified retention policies across Office 365, and you have configured the policy to delete content after a specified period of time, is there any provisions for a review/approval process and/or a 'certificate of destruction' as an audit of what was deleted? This is a standard requirement for many Information Management teams as Courts of law look for prior review and approval for disposed content if called upon.

Currently office365 has a messaging limit of 30 per minute. It would be idial to have this increased to maybe at least 50 per minute.

Currently it appears set at 2 months. Would like to see ability to increase/decrease. Maybe max 1 year? Not sure the exact max needed, it would likely change by customer needs/retention policy.

Currently O365 has an alert for forwarding/redirect rule within Security and Compliance Center. Considering that most phishing campaigns are crafted with someone setting up Inbox rules to move messages to another folder which are monitored, creating a man-in-the-middle attack. It would benefit tremendously to be alerted whenever a user creates/deletes/modify an inbox rule to prevent attacks before they happen.

Advanced Threat Protection - SafeLinks - Create Submission Mechanism for False Positive Malicious Domains

This idea would create a feedback / reporting mechanism for domains incorrectly tagged as malicious by the SafeLinks feature. We had an example of a partner domain that was tagged as malicious, had zero malware / good reputation / etc. (confirmed by Microsoft Support), and had no way to feed that information back into Microsoft for a review of the malicious domain list so it could be removed. Similar feedback mechanisms exist for false positive Spam and virus detections - URLs deserve the same treatment.

Junkmail filtering has been a constant pain point for me with O365 business and Outlook. The spam filters have an awfully high number of false positives, and only rarely capture real spam (I don't get much on these accounts). Most of the mail that gets filtered is from the same set of senders even though I constantly tell Outlook that these messages are not Junk. O365 needs to leverage this data to improve filtering reliability.

I would like to Create and alert if there are failed login attempts or successful login attempts from IP addresses originating outside of my City/State/Country.

Allow us to either white list IP addresses and alert for any not on the white list. Blacklist IP addresses and alert based off of just black list. Select Country regions and alert if selected countries IP addresses are the originating IP. Allow us to alert for only failures, only successes, or both.

Office 365 admins should be able to go into the mail flow queue and delete or resend emails that show "stuck" (either pending for a long time) or duplicate emails.