Feedback by UserVoice

Jesse Thompson

My feedback

  1. 13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    thinking about it  ·  3 comments  ·  Office 365 Suite Navigation Bar  ·  Flag idea as inappropriate…  ·  Admin →
    Jesse Thompson shared this idea  · 
  2. 192 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Office 365 Groups  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Jesse Thompson commented  · 

    Based on the Admin response, I don't think Microsoft understands the problem being articulated.

  3. 29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Office 365 Groups  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Jesse Thompson commented  · 

    This is my assumption. Given that distribution groups can't munge headers for DMARC compliance (similar to Mailman and Google Groups), Microsoft can't implement the feature to modify the subject because it would break DKIM signatures.

  4. 24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Office 365 Groups  ·  Flag idea as inappropriate…  ·  Admin →
    Jesse Thompson shared this idea  · 
  5. 227 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Office 365 Admin » Exchange Admin  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Jesse Thompson commented  · 

    First, we need Microsoft to roll out the IP Skiplist so that DMARC actually works with hybrid ExO. I thought it was coming last summer. Please please please.

    Next, we need the entire internet to fix the forwarding issue (maybe ARC will work, but realistically we need MLMs to rewrite the From headers).

    Last, I agree that outright blocking messages that match an existing user's name is a shortsighted idea, but maybe surfacing it as a condition for an ETR rule would be helpful (so that the Subject can be tagged)

  6. 834 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    31 comments  ·  Office 365 Groups  ·  Flag idea as inappropriate…  ·  Admin →
    Jesse Thompson supported this idea  · 
  7. 3,269 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    91 comments  ·  Office 365 Groups  ·  Flag idea as inappropriate…  ·  Admin →
    Jesse Thompson supported this idea  · 
  8. 30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Office 365 Admin » Exchange Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Jesse Thompson shared this idea  · 
  9. 21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Jesse Thompson commented  · 

    I think Revoke-SPOUserSession does that (more or less) well enough. The problem is that the SAML IdP session is still valid, so the SP (Office 365) will let the user log back in. What we need is the ability to suspend access to the Office 365 account during the time in which the attacker's IdP session may still be active.

  10. 1,459 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    56 comments  ·  Office 365 Groups  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Jesse Thompson commented  · 

    Even if the group itself is not hidden, the members of a private group should be hidden.

    Jesse Thompson supported this idea  · 

Feedback and Knowledge Base