Feedback by UserVoice

Niels N

My feedback

  1. 207 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Niels N supported this idea  · 
  2. 112 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Niels N supported this idea  · 
  3. 403 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for taking the time to provide this feedback. We’ve updated the TechNet documentation (https://technet.microsoft.com/library/mt842508(v=exchg.150).aspx) to clear up confusion around which authentication type and protocol combinations are supported in CARs. Expanding support for more combinations could prevent bad actors with valid credentials from accessing mailbox content, but it wouldn’t help with scenarios like password spray attacks or malicious lockout attempts because CARs are evaluated post-authentication. There’s work underway on a solution that covers a broader array of basic authentication scenarios – we’ll share more details as soon as possible. In the interim, this blogpost (https://cloudblogs.microsoft.com/enterprisemobility/2018/03/05/azure-ad-and-adfs-best-practices-defending-against-password-spray-attacks/) outlines the recommended approach for forcing multi-factor authentication when using AAD and ADFS.

    Niels N supported this idea  · 
  4. 470 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    in the plans  ·  21 comments  ·  Office 365 Security & Compliance » Auditing  ·  Flag idea as inappropriate…  ·  Admin →
    Niels N supported this idea  · 
  5. 2,112 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Niels N supported this idea  · 
  6. 677 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Niels N supported this idea  · 
  7. 246 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    21 comments  ·  Office 365 Security & Compliance » Reports  ·  Flag idea as inappropriate…  ·  Admin →

    1. Click into “details”.
    2. Choose “connector report”.
    3. Choose “request report”.
    4. Answer the questions in the wizard, clicking “Next”, “Next”, and “Save”.
    5. Wait for the report to come to the email address specified. It will contain the following fields:
    message_id, direction, sender_address, recipient_address, connector_name, connector_type, tls_version, tls_cipher

    With the Message_Id value, you can combine this with MessageTrace to get the Subject.

    If this does not help, please provide more information as to the scenario and detail that is missing. Thank you for the feedback!

    An error occurred while saving the comment
    Niels N commented  · 

    This would give useful insight into TLS versions used. Remote server IP address, mail domain name, and TLS version. TLS 1.2 is a minimum requirement for mail between Danish government agencies as of january 2020.

    Niels N supported this idea  · 
  8. 31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Niels N supported this idea  · 
  9. 3,601 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Niels N supported this idea  · 

Feedback and Knowledge Base