Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. O365 Account Locked for sending out over 30 messages per minute, could this be handled exceptionally by email account?

    I understand that O365 should have rule to prevent bulk mail as a spam, but if that email is a workflow mail account and it need to send out with numbers of transaction. I have problem with workflow mail account that use O365. It is possible that the workflow run multiple flow at a time. But if O365 lock the behavior , over 30 mails per minute, the workflow system will not work for the whole day. I think Microsoft should have flexibility to review this policy by account. Now I still stuck and cannot increase workflow to transform paper…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  2. A virus has still managed to enter our Exchange Hybrid Server via EOP.

    Virus/Malware: TSPY_FAREIT.SMBD
    Endpoint: ExchangeServer1
    Domain: Servers\
    File: C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\data\Temp\UnifiedContent\992110b6-f5f6-44d2-ad0b-da61c456cec0 (PaymentcopyInvoice000867423.exe)
    Date/Time: 18/09/2017 09:46:52
    Result: Virus successfully detected, cannot perform the Quarantine action (Please see scan result of infected file: 992110b6-f5f6-44d2-ad0b-da61c456cec0)

    Could we include these virus types into EOP detection list

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  3. How to deliver notifications of delivered spam emails to administrators

    However, the administrator must check each time that the message is quarantined if you select Quarantine Message in Spam Filter's Spam and Bulk Actions.

    Recipient users can be notified by enabling the Configure end-user spam notifications ... setting, but it is inconvenient if you do not want to be notified.

    しかし、管理者は、スパムフィルターの[スパムおよびバルクのアクション] にて、[メッセージを隔離する]を選択した場合に、検疫されたかを都度確認しなくてはいけません。
    受信者のユーザーに対しては、[エンドユーザーのスパム通知を構成する...] 設定を有効にすることで、通知ができますが、通知をしたくない場合は不便です。

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  4. alert policy filtering

    While creating an alert policy we can only exclude alerts by sender domain, add the option to filter by specific sender I.E instead of whitelisting alerts for @citibank.com allow us to filter by alerts@citibank.com. You should not filter your security alerts for something as broad as an entire domain.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  5. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. impersonation - Intelligent mailbox protection reporting

    Although there is reporting for user impersonations, its difficult to tell what element of the Anti-phishing policy is providing the protection. Is it the Action > User impersonation or is it the Mailbox intelligence component. We have to have a very clear understanding of what users and how which emails will be impacted so that we can deal with false positives. More information on what in the email triggered the action would be a plus!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  7. You should recognize and allow MS Onedrive file links to pass througj.

    I copied a Onedrive link to the native messages app (Samsung S10) to share the file to family. This security feature is interfering - preventing access.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow the ability to move files within OneDrive when conditional access app restrictions are applied.

    When application restrictions are applied to SharePoint/One Drive and conditional access is used to apply this to un-trusted devices the users are unable to download/sync/print to avoid data leakage which is the expected behavior however users are unable to move files/folders within one drive itself which appears a serious limitation as the data is not being removed simply relocated within itself.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. This is a stupid idea.

    Half of my inbox says quarantine this and quarantine that. This is such an ironic system. I really don't get why this stuff is not in a junk tab or somewhere else. The point of having a system to detect unwanted emails should be to prevent it from coming in my inbox. All my inbox consists of it emails forming that I got an unwanted email. I don't feel like i have the ability to take quarantine out of my inbox. ******** system.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Be able to remove mailboxes from an E-Discovery query as you can remove OneDrive links.

    Be able to remove mailboxes from an E-Discovery query as you can remove OneDrive links. When I have a very long list of terms in an existing query and later they tell me we need that same query for one more mailbox it would be great to do a Save As of the previous query and then remove all the mailboxes and add the one that they need and re-run. This works for OneDrive entries but not for mailboxes.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  11. junkmail filtering

    @ outlook team
    why some of microsoft emails (like <Microsoft@e-mail.microsoft.com> are classified as spam by default?
    Microsoft can't bypass his own emails?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  12. need to add

    Dear Sir,

    Thanks for your mail but our request is , we need the report as domain wise + Number of mail sent by users+Number mail received under the same(one) domain.

    I have seen the mail trace which not possible to fulfill our request. This very important option for us.

    Kindly do the needful soon.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  13. Change deleted items retention tag reprocessing to use the date the item is deleted, not start date of mailbox retention tag.

    When a mailbox has a message retention policy to automatically delete items after 365 days, and a deleted item retention policy of 30 days, any message older than 30 days does not stay in the deleted items folder for 30 days, but is permanently deleted. Instead of recalculating the deleted item retention by the start date, recalculate the deleted item retention by the date the item was moved to the deleted items folder, plus 30 days.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. eDiscovery capability in Exchange Online: A large discrepancy exists between the estimated size and actual size of an in-place eDiscovery s

    eDiscovery capability in Exchange Online: A large discrepancy exists between the estimated size and actual size of an in-place eDiscovery search of a users mailbox. The tool consistently estimates a much larger file size than what is actually produced. The conclusion is that the resulting file is missing data. In each case, Premier Support has recommended moving the users mailbox. Ticket numbers: 115102213294077, 115122113516279, 116011513591778

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  15. There should be an option to custom schedule when end users get notification, there should be an hourly schedule

    There should be an option to custom schedule when end users get notification, there should be an hourly schedule, as daily schedule affects time sensitive emails

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Attack Simulator - Should use stored users personal information from their accounts, like birthdate, address, phone ETC for accuracy

    Attack Simulator - Should use stored users personal information from their accounts, like birthdate, address, phone ETC for accuracy trying to get their passwords

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Tenant Wide Permission Report across all Site Collections

    I would like the ability to run a permission report against the entire tenant where I can check all site collections (and sub-sites) or specific site collections with an option to include or not include list and libraries. I've found PowerShell scripts to run against a single site collection but not the entire tenant. I need Site Collection address, site address, site owner, user login, and the permission granted,

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  18. Teams Microsoft and Skype for Business

    Teams Microsoft and Skype for Business services the rutilite in Security the community Small Business, preservation and Protection on potencial the client in relation the Enterprise for production quality in conformidade the Marketing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. O365 logs shows multiple login entries within a minute. Would could be the reason for such a Behavior

    O365 logs shows multiple login entries within a minute. Would could be the reason for such a Behavior

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. How about actually sending an email verification. I have tried using this for 5 days and still haven't received a damned thing.

    How about actually sending an email verification. I have tried using this for 5 days and still haven't received a damned thing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base