Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Search Content - File Type Condition

    Allow Exchange Online to use the "file type" condition(i.e. Generating a report for inbound emails that contains specific file types - html, docx, pdf). I was informed by MS support that the specific condition is only applicable to SharePoint Online and One Drive.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  2. dhiod,frlc,ndn

    sjd,gmcfmvdmcvmnfxb v

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  3. Save secure score notes without ignore button

    Could we have a save function for Secure Score notes. Now if you want to note for example that this is checked and will be handled when Identity protection is implemented, you need to ignore the item and then un-ignore to save the comment. It would be really cool if you could note things since we are doing reviews together with customers.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Better handling of quarantined emails for end-users

    There's lots about how the quarantined mail notifications work, the fact it is disabled by default and has limits on how frequently people are notified about quarantined mails.

    There's a simple way to address this. Make quarantine work more like Junk i.e.
    - have a Quarantine folder in Outlook that lists all mails currently in quarantine (sender, subject and reason for quarantine).
    - have options on each mail to release or remove
    - update the Quarantine folder in real-time

    That way, right from the start end-users can see mails are being quarantined and do something about it if needed. No…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Filter "Released" missing in "Quarantaine"

    In https://protection.office.com/quarantine

    The column "Released" is missing as a filter option. If you have been going through quarantaine, and released some legitimate mails, you want to filter those ones out... and not see them again after you released them.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. Enable an Alert for full mailboxes. Send it for example to the admin.

    Maybe it is possibe to add an alert for mailboxsize (limit). For mailboxes that are not used often but needs to be monitort for the maximum mailboxsize.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Search through all messages at once

    Under Home > Review > Quarantine, there are now 5 different sections to search through emails: Transport Rule, Bulk, Phish, Malware, Spam.

    It seems ridiculous to have to search through one section, then drop down the next and search again. It needs to go back to at least having the option to search for "All at Once" instead of individually. Plus, the more you scroll down, the more the emails have to load coming through, which takes even longer to complete this process. Once you choose your date filters, all emails should show at once.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. RBAC ManagementRules does not apply to Outlook

    It should not be possible to Outlook Users to Bypass Management Rules created in Exchange via Powershell.

    I created a new Management Rules where the user is not allowed to change the ExternalAudit in MyBaseOptions.
    It applies to OWA but if a users uses Outlook he is still able to Change that.
    This means that Outlook Bypasses the rbac security model which should not be possible.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Improve whitelisting with a configurable trust score applied dynamically to spam confidence levels

    The current approach of whitelisting is a very binary approach of defining trust as either completely trust or distrust from a point in time for a sender/domain/IP.

    Companies you trust today might be breached tomorrow, domains or IP's may be sold and individuals may suddenly act maliciously. Most rule sets stop filtering past the whitelist which could result in malicious mail from a compromised partner being allowed into your systems.

    Therefore a better alternative would be to allow a "trusted" sender/domain/IP list that would allow you to dynamically reduce the Spam Confidence Level (SCL) of an email by a configurable…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  10. Better SPAM filtering by allowing address portions to be use

    Lately a SPAM house is defeating all of my ANTI-SPAM efforts by using revolving domains, subjects and addresses. Each address has one thing in common right now, they all com from Contact@domain.com. If your SPAM options would allow me to use the "Contact@" portion of the address as a search feature, I could block a whole host of e-mails coming in. Then if they used "Comments@" Support@, or any other common tag, I could filter them out, but Outlook does not allow us to filter on a portion of the address. But maybe it should.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  11. Notification interval for end-user spam notifications

    Regarding end-user spam notifications, currently, even at the shortest interval, notifications are sent once a day, but I would like you to add a setting to notify each time quarantined.
    The reason is that you may be delayed until you notice an important email that has been accidentally quarantined.

    エンドユーザーのスパム通知について、現在は最短の間隔でも通知は 1 日ごとだが、この場合誤って検疫されてしまった重要なメールに気が付くまで遅れてしまう可能性があるため、検疫されるたびに通知する設定を追加してほしい。

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  12. blocked word

    Blocked sensitive words list should be known to IT admin or available with Support persons which words are blocked by default by EOP/FOPE

    other wise IT admin will create rules to block it and another thing is it has limitation on number of character is 8192 which should be increased otherwise we will have to create number of rules to block those words

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Legal Hold Custodian Report

    Legal Hold Custodian Report Export that includes custodian names, email, and data sources for each custodian.

    the "Export" function just exports the case names, status, created date, "last modified date", and "last modified by".

    It would be great if we added "custodian name", email, Role, and status to that report.

    We provide monthly status reports to inside counsel and manually add the custodian data to each case.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  14. Please add Disable-TransportRule and Remove-TransportRule under the activities to limit your search

    Please add Disable-TransportRule and Remove-TransportRule under the activities to limit your search when doing report auditing.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Connection Filter - Block Spam/Spoofed Email by IP address Range

    It would be very helpful if we can block an IP range. I get quite a bit of spoofed spam that i backtrace to server farms/collocation centers. If i could block their IP range, I can effectively stop the spam regardless of the spoofed sender email addresses. These large server farms/collocation centers are conduits for spam.

    Thank You!

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  16. Approve certain email addresses

    I would like to be able to approve email from certain addresses so it never gets quarantined.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  17. Thème

    Isn't possible to have different "thème" if office is install of several PC.

    Please can you correct this point?

    Sincerely yours,
    Georges. Gassner

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. list of all the admins who changed a user license for another individual

    It would be nice to have a report that showed who modified an individuals license inside compliance.

    https://community.office365.com/en-us/f/148/t/445348

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Stop blocking all links in Outlook, including links to very safe sites. It is really annoying and makes outlook useless!!!!

    Worst roll out ever!

    Needs a user selectable threat level, or a user yes/no on blocked links, as right now it is blocking everything! and there is no obvious way through. It's driving me nuts!!!!

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add option to remove local file links with Safe Links

    It is still possible to send an email with a link that will launch local executables on the host system, has been for years. Ex. "file:///C:\Program Files (x86)\Google\Chrome\Application\chrome.exe". But it could be worse obviously. Safe Links has the ability to block URLs but no option to remove that category of links from emails. I need an option to remove file:///, therefore removing the ability to do so.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base