470 votes31 comments · Office 365 Security & Compliance » Spam & Phishing · Flag idea as inappropriate… · Admin →
Thank you for the feedback. Although we don’t have a timeframe in mind to share yet, this is something we would like to prioritize.MATTHEW THORPE commented
there is a remove emails from quarantine and it doesnt even work if you refresh they show back up WTH give me a delete all the size of the garbage in this makes it extremely hard to find legitimate emails. ever heard of a needle in a haystack?MATTHEW THORPE supported this idea ·
Azure Active Directory Conditional Access has functionality for “Countries/Regions” – see https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
That said, the most effective protection you can have against password spray attacks is to enable MFA and disable basic authentication. If you cannot do this for your entire organization, then blocking user access to legacy protocols like POP, EWS, IMAP and SMTP is another step you can take. Exchange Online Client Access Rules can help you to further customize (https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules). For additional recommendations, please see Office 365 Secure Score.
That said, please know that we are listening to feedback and working on solutions to help make Office 365 users more secure. Thank you for the feedback.MATTHEW THORPE commented
This needs to be available for all 356 office users not only Azure AD