Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SMTP Protocol Logs availability

    SMTP Protocol logs are an invaluable tool when troubleshooting message delivery in on-premises Exchange Server.

    I have just had a support case closed because Office 365 support cannot provide SMTP Protocol logs and I'm stuck, not able to determine the cause of a mail flow issue without the logs. The only option for send/receive information on a particular message is advanced message trace, which does not provide details of the message conversation.

    Can you provide a way for admins to request these logs from the Office 365 support team, if not provide a way to access them via Remote PowerShell?…

    225 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →

    As Exchange Online operates in a multi-tenant configuration, protocol logs include connections from multiple customers. Unlike Message Tracking Logs, these logs are not attributed to a specific tenant at a protocol level, therefore there is no way extract a single tenant’s logs. We provide Message Trace as the best way of tracking the messages that pass through our service.

    For connections from your own servers to our service, you do have the ability to analyse your logs which would mirror our own front door protocol logs. Message Trace would then take over for messages that were accepted by our service.

    For support cases, protocol logs can be searched for as part of tracking down an issue for an instance of an issue, however support cannot provide customers with their protocol logs for them to do their own investigation.

    We understand that admins have much less control of what happens to…

  2. Stop using the Spamhaus PBL and XBL blocklists on mail submitted by *authenticated* users

    Microsoft use various Spamhaus blocklists for filtering incoming mail. As an Office 365 user myself, I am grateful for this, as without such tools I'm sure I would receive a lot more spam.

    However, today I discovered that an email from one Office 365 user to another Office 365 user was rejected because the sender's IP was on the Spamhaus PBL and XBL lists. The IP address was not on the SBL list. Please note that the message was submitted using an Exchange client with their Office 365 username and password. It was not submitted by SMTP.

    If I understand…

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

    Office 365 uses Spamhaus PBL & SBL only for rejecting unauthenticated mail servers which are trying to deliver to or relay through Office 365.

    The XBL is used to prevent authenticated clients, but ONLY if the tenant is a new/trial tenant. To resolve issues caused by the XBL, simply convert to a paid license and remove the trial. It may take 1-2 days for the system to pick up this change, but paid customers should have no issues with XBL. If you are a paid customer and are affected, please contact our support who can check the backend to make sure your licenses are correct. Occasionally a system may get out of sync and you will need to get support to dig into the problem with our engineering team.

    This check is done as one of many things we have to do to control abuse.

  3. Audit log Deletion for administrators

    Good Day,
    We have Audit logs in Exchange admins settings. I tried to delete that logs but i could not. Support team says that due to security reasons that function have only developers team. And client cannot contact developers team. We are clients and we should have that ability . If official request should be made we are ready to make that request.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Activate One Drive personal vault in office 365 business

    One Drive personal vault is currently available in OneDrive home and personal plans. It could be usefull to activate this solution on Office 365 business to improve for example the security of mobile device.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Information Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Deprecation of TLS 1.0 and how you can help your customers with this change

    I have a request which I imagine will benefit a number of your customers.

    As you know, O365 no longer supports sending email to legacy Exchange (2003 and older) systems on Windows Server 2003 running TLS 1.0. ( See these articles:

    http://bit.ly/1JoVsJT
    http://bit.ly/1gkfSK6
    http://bit.ly/1IgpknD )

    Unfortunately, we have a client that is running such an environment and we are unable to send them email. If you wish to see details, the SR is SRX615081193192636ID.

    We have encountered around a dozen other clients who’s email systems do not support TLS at all. For these cases, I have configured a rule which…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    declined  ·  2 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Archiving in Outlook and Exchange Online should be more integrated.

    For SOHO users. When I changed to Office 365 and Exchange Online I kept my archiving in Outlook. It was always there and I did not know about In-Place Archive. Such users should be informed about in-place archive and possibly the .pst archive should be moved to the Online Archive instead of the single machine Outlook Files folder. At the moment I move my archive.pst file to the Online Archive. I must say sofar the search unction in my email is much more robust.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback. At this time, Office 365 provides an enterprise solution for Administrators to leverage our Import Service to import users PST files to their Office 365 mailbox archive. Unfortunately, we don’t highlight the benefit of leveraging the mailbox archive at the end-user level. However, this feedback will be taken in consideration for future product improvements.

  7. at this moment office 365 doesn’t have the functionality to automatically convert any outgoing mail attachment as ZIP file with password pro

    at this moment office 365 doesn’t have the functionality to automatically convert any outgoing mail attachment as ZIP file with password protection.
    In terms of compliance purpose, it is better to add this functionality. Because at this moment if we want this functionality to then I guess we have to go with some sort of third party tools which will be involve cost and human resource. So as a client of office 365 I and my company desire is to have that sort of functionality within office 365 itself

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  8. separate sending IP addresses for tenants

    It would be nice to have separate sending IP addresses for every different tenant. This way SFP rules won't assume that email from compromised O365 tenants are safe.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base