7 votes0 comments · Office 365 Security & Compliance » Advanced Security Management · Flag idea as inappropriate… · Admin →JH Webb shared this idea ·
The limit you are talking about protects against large volume senders overwhelming the shared resources of our service and ensures emails are not all sent out at once for automated systems. Can you please tell us more about the problems this causes to the software that queueing and retries are not able to handle?JH Webb commented
SMTP Limit of 30 per minute is breaking report delivery and system notifications.
We use Citrix ShareFile for report delivery for both internal and external users. We use a fully license E2 account to log in. When reports post we need to be able to email notify about 250 users internally and externally. SMTP limit breaks this function.
Azure Active Directory Conditional Access has functionality for “Countries/Regions” – see https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
That said, the most effective protection you can have against password spray attacks is to enable MFA and disable basic authentication. If you cannot do this for your entire organization, then blocking user access to legacy protocols like POP, EWS, IMAP and SMTP is another step you can take. Exchange Online Client Access Rules can help you to further customize (https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules). For additional recommendations, please see Office 365 Secure Score.
That said, please know that we are listening to feedback and working on solutions to help make Office 365 users more secure. Thank you for the feedback.
1,322 votesJH Webb commented
I think about security a lot. We have MFA protecting access to our whole office 365 tenancy, Accepted for global admins using power shell that can just connect and do anything (Let me know if I can protect it further). However, providing in the admin site a fully functional power shell that can store favorite queries or commands would go a long way to really locking down access.