In Defender for Office 365 Plan 2, admins can also submit messages from the Email entity page and from Alerts in the Defender portal.Īdmins can use Exchange mail flow rules (also known as transport rules) to receive notifications when users report messages to Microsoft for analysis.
Threat Explorer (Defender for Office 365 Plan 2). Automated investigation and response (AIR) results (Defender for Office 365 Plan 2). User reported messages are also available to admins in the following locations in the Microsoft 365 Defender portal: After this feature is configured, user reported messages appear on the User reported tab on the Submissions page in the Defender portal. User reported settings allow admins to configure whether user reported messages go to a specified reporting mailbox, to Microsoft, or both. If users are allowed to release their own messages from quarantine, and user reported settings is configured to allow users to report quarantined messages, users can select Report message as having no threats (false positive) when they release a quarantined message. The Submissions page is available only in organizations with Exchange Online mailboxes as part of a Microsoft 365 subscription (not available in standalone EOP).Īdmins can submit quarantined messages to Microsoft for analysis (false positives and false negatives). The Submissions page in the Microsoft 365 Defender portalĪdmins can report good (false positives) and bad (false negative) messages, email attachments, and URLs (entities) from the available tabs on the Submissions page.Īdmins can also submit user reported messages from the User reported tab on the Submissions page to Microsoft for analysis. For installation instructions, see Enable the Report Message or the Report Phishing add-ins. These free add-ins work in Outlook on all available platforms. The Microsoft Report Message and Report Phishing add-ins MethodĬurrently, this method is available only in Outlook on the web (formerly known as Outlook Web App or OWA). However, your email is still treated as confidential between you and Microsoft, and your email or attachments isn't shared with any other party as part of the review process. Microsoft personnel might read your submitted messages and attachments, which is normally not permitted for email in Microsoft 365. 
The submission is deleted as soon as it's no longer required. Your message is held in secured and audited data centers in the USA. Microsoft treats your feedback as your organization's permission to analyze all the information to fine tune the message hygiene algorithms.
This copy includes email content, email headers, any attachments, and related data about email routing. When you report a message to Microsoft, everything associated with the message is copied and included in the continual algorithm reviews.
0 kommentar(er)
